Image by Kin Shing Lai, from Unsplash
Dior Data Breach Exposes Personal Info Of U.S. Clients
Reading time: 2 min
Last Updated: Jul 23, 2025
-
![Kiara Fabbri]()
-
![Sarah Frazier]()
Fact-Checked by Sarah Frazier Content Manager
The French luxury brand Dior started informing its U.S. customers of a data breach which exposed their personal information..
In a rush? Here are the quick facts:
- Exposed data includes names, addresses, and in some cases, ID and Social Security numbers.
- Payment and bank information were not compromised in the incident.
- Dior is offering 24 months of free credit monitoring to affected individuals.
The company distributed notifications this week to reveal that unauthorized access occurred to Dior client database on January 26, 2025, as first reported by BleepingComputer. However, the breach was only discovered on May 7, prompting an internal investigation to assess its scope.
“Our investigation determined that an unauthorized party was able to gain access to a Dior database that contained information about Dior clients on January 26, 2025,” reads the notice sent to affected individuals.
“Dior promptly took steps to contain the incident, and we have no evidence of subsequent unauthorized access to Dior systems,” the notice reads.
The company revealed that the compromised data included full names, together with contact information, physical addresses, dates of birth, passport or government ID numbers, and Social Security Numbers in specific cases. The company stated that payment card and banking information remained unaffected by the breach.
The company notified law enforcement while bringing in third-party cybersecurity experts to assist with the incident. The affected customers need to stay alert for phishing scams while keeping their financial accounts under close observation.
BleepingComputer reports that Dior provides 24 months of free credit monitoring and identity theft protection services that customers can use until October 31, 2025.
The breach coincides with an earlier disclosure affecting Dior customers in South Korea and China, as noted by BleepingComputer.
It is believed to be linked to a broader cyberattack carried out by the ShinyHunters extortion group, which reportedly accessed LVMH customer data by breaching a third-party vendor.
The LVMH brand Louis Vuitton experienced a similar security incident which affected customers across the UK, South Korea, and Turkey. BleepingComputer received information from sources indicating that both Dior and Louis Vuitton suffered from the same cyberattack. The company has not revealed the number of U.S. customers who experienced the breach.
Previous Story
Latest articles 
