Dior data breach exposes personal details of nearly 1m HK customers: PCPD

French luxury brand Dior has disclosed a significant data breach that compromised the personal information of approximately 950,000 customers in Hong Kong, including 630,000 existing clients and 320,000 potential customers. 

The unauthorized access, first discovered in May 2025, exposed sensitive details such as names, genders, birth dates, contact information, passport numbers, occupations, and even records related to fraud allegations and international sanctions.  

The Office of the Privacy Commissioner for Personal Data has launched an investigation into the incident and issued a warning urging affected individuals to remain vigilant against potential misuse of their information.

Authorities have advised customers to change their online account passwords, enable multi-factor authentication where available, and carefully monitor their bank statements for any suspicious activity.

Additionally, the public has been cautioned to be wary of phishing attempts through emails, text messages, or phone calls that may exploit the leaked data.  

In a statement released on May 15, Dior confirmed that immediate action was taken to contain the breach with the assistance of cybersecurity experts and continue to investigate the incident.

The company emphasized that no financial data, including credit card or banking details, was accessed during the incident. 

Dior has apologized for any inconvenience caused and encouraged concerned customers to reach out for further assistance.