Japanese beauty e-tailer Acro hit by third-party data breach; exposes more than 100,000 payment cards 

Japanese beauty e-tailer Acro hit by third-party data breach; exposes more than 100,000 payment cards 

THE WHAT? Japanese beauty e-tailer Acro has been hit by a third-party data breach, which exposed more than 100,000 payment cards across two of its four beauty product websites. 

THE DETAILS The hack took place on the Three Cosmetics domain as well as Amplitude, with data exposed by consumers that purchased items between 21st May, 2020 and 18th August, 2021. 

Stolen data included cardholder names, payment card numbers, dates of expiry and security codes, according to The Daily Swig. 

The breach has been reported to law enforcement and Japan’s Personal Information Protection Commission, with affected customers having been notified by Acro from 24th February. 

THE WHY? The attack is thought to have compromised a vulnerability in the payment processor’s systems. 

Acro has since apologized to consumers, urging people to monitor their financial statements for suspicious activity. 

The online retailer has bolstered its cybersecurity based on the conclusion of the investigation. 

IN CONVERSATION WITH...

FORMULA FRIDAY

STREET TALK

60 SECOND PITCH

WELLNESS

FASHION

TRAVEL

PROFESSIONAL BEAUTY

TOP 50 BRANDS