- Rituals confirmed a cyberattack in April that exposed customer data from its “My Rituals” membership program.
- The stolen information included names, contact details, dates of birth and addresses, although no passwords or payment details were accessed.
- The company launched a forensic investigation, notified affected users and reported the incident to authorities, with no evidence of public leaks so far.
Global cosmetics powerhouse Rituals suffered a cyberattack in which it lost personally identifiable data (PII) of its customers.
In a security advisory posted on its website, Rituals said it identified an unauthorized download of a portion of its members’ data. The attack, which took place in April this year, was stopped as soon as the company became aware of it, he said, without giving a more precise chronology of events.
Before the criminals were expelled, they managed to steal people’s full names, email addresses, phone numbers, dates of birth, genders and postal addresses.
Article continues below.
No attribution
While passwords and payment information were not accessed, this type of information is more than enough to send highly convincing phishing emails, which can lead to ransomware attacks, fraudulent bank transfers, identity theft, and other forms of more serious cybercrime.
“We have launched an in-depth forensic investigation to understand how this happened and what steps we can take to prevent a similar incident in the future,” Rituals said in the notice. “We have also reported this to the relevant authorities.” Customers whose data was accessed were also notified by email and warned to be on the lookout for incoming communications claiming to come from the company.
The organization did not say who was behind the attack, nor whether the threat actors attempted to extort it in exchange for deleting the files. It says there is currently no evidence that the data is publicly available.
According beepcomputerThe incident affects the company’s “My Rituals” member database, which has more than 41 million members. The same post also says that as of today, no threat actors have claimed responsibility for the incident.
Rituals has more than 12,000 employees worldwide and operates more than 1,400 retail boutiques and more than 4,800 luxury perfume stores in 33 countries.
Through beepcomputer
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds.
