Sephora Asia has alerted its online consumers that it has been hit by a data breach over the past fortnight.
In an email sent out to customers in the Asia-Pacific region, including Australia, Hong Kong, Indonesia, Malaysia, New Zealand, the Philippines, Singapore and Thailand, the beauty retailer stated that some with online accounts had had data exposed to an unauthorized third party.
While no credit card data was accessed, exposed user data included first and last names, date of birth, gender, email address, encrypted passwords and data relating to ‘beauty preferences.’
Alia Gogi, Managing Director of Sephora South-East Asia, apologized to consumers in the email and advised online users to change their passwords.
She continued, “We are also offering a personal data monitoring service, at no cost to you, through a leading third-party provider.”
Consumers have until 30th November to use the data monitoring service, with no high street outlets having been affected. Sephora is said to have ‘thoroughly reviewed’ its security systems.