Data from half a million shoppers on the street due to Sephora data breach

Share on facebook
Share on twitter
Share on linkedin
Share on reddit

Security researchers have found a major data breach at cosmetics giant Sephora. The research team, led by Aaron Phillips, can confirm that nearly half a million customers’ personal data was unsecured online. Sephora is a gigantic French cosmetics store with many locations in the United States but also trying to gain a foothold in Europe and the Netherlands.

Affected users are members of the pre-2019 Sephora rewards program. We analyzed the leak and created a timeline of events.

What data was on the street?

The following personal data were found during the data breach:

Card numbers matching Sephora Beauty Inside Account numbers Full names Email addresses Phone numbers Sephora rewards points

The data was exposed when Sephora exported information from their database and stored it on the Amazon cloud.

Data from half a million shoppers on the street due to Sephora data breach

Data from half a million shoppers on the street due to Sephora data breach

Our team took screenshots, and a small snippet of the data that was discovered can be seen above. Sephora sealed the leak after a few days. As you can see there was personal information in the fields full name, email, card_numbers, and phone_number.

Read more

Explore the site

More from the blog

Latest News