Sephora, an international cosmetics retailer, was hit by a data breach a few weeks ago, sending shivers down the spines of customers who had accounts on the platform. The company confirmed the reports of compromised data but said it had no idea how many customers were hit.
According to research by Group IB, an international cybersecurity firm based in Singapore, data from 3.7 million customers has been found for sale on a dark web marketplace. Though no credit card information was leaked, customers’ names, dates of birth, gender, ethnicity information, and email addresses were. On the dark web, the data was offered for $1900, according to the report.
According to reports, customers in Singapore, Indonesia, Thailand, the Philippines, Hong Kong, Australia, and New Zealand were heavily affected. After the incident, the company said it had canceled all passwords related to any account and had undertaken a critical review of its security to ensure this does not happen in the future. Group IB reported that it spotted two databases advertised on a dark web forum that are suspected to be related to Sephora customers.
Group IB reported that, according to the seller’s listing, the first database exposed on the dark web dates from February 2019. The database contained about 500,000 records of Sephora customers based in Thailand and Indonesia. A brief investigation showed that this first database, covering these two countries, was advertised separately on 6 July and 17 July 2019. However, the name of the database was not mentioned in the statement.
On 28 July 2019, the second database was found advertised on the dark web forum. According to the seller’s listing, the records came from a March 2019 leak. It contained the data of 3.2 million Sephora customers and was advertised under the name Sephora 2019/03 shopping. The company announced the data breach to its online users on 29 July, which means customers’ information was leaked months before they were notified.
Ilya Sachkov, the founder and Chief Executive Officer of Group IB, believes that the severity of the data breach should not be underestimated, even though no payment details or passwords are known to have been leaked. He pointed out, however, that the exposure of customers’ personal information on the dark web puts them at risk of identity theft and phishing attacks.
Beth Glancey, Sephora’s country manager for Australia and New Zealand, stated earlier that the company had spotted the data breach over the last two weeks. However, it had no grounds to report that customers’ personal information had been misused.
According to the company, it will ensure that all affected customers are supported with access to a free subscription to a data monitoring service. A spokeswoman for Sephora reported that the company appointed a forensic cyber expert soon after discovering the data breach. According to her, the incident is being investigated, and until the investigation is concluded, the company cannot disclose the exact number of customers affected.
The initial investigation after the breach revealed no major vulnerability on the website. It was also reported that there were no traces of a cyberattack. How the customers’ data came to be exposed on the dark web is expected to be explained in the final report of the investigation. According to its statement, Sephora has put in place high-level “monitoring and alerting” to check for future unusual activity and has “rotated access credential” for all human and system users. Despite the many statements made after the incident, the company has not yet disclosed the exact date the data was breached or when it became aware of the incident. It said only that “it was in the last two weeks.”
Data breaches have become a trend, with many giant companies falling victim since last year. One report stated that 260 data breaches occurred between October and December 2018. Over 800 such incidents have been recorded since February 2018. Equifax experienced a similar incident and has been made to settle with 148 million customers whose data was breached.
Outdoor retailer Kathmandu was also hit by an extreme data breach that affected customers’ personal information and payment details. Earlier in the year, a total of 620 million accounts from 16 separate breaches were offered for sale on the dark web. This indicates the number of people whose information is at risk on vulnerable websites. Websites and companies are advised to invest in cybersecurity to avoid dealing with hackers who may demand insane ransoms and put sensitive data at risk.
Source: NZ Herald