Data leak at perfumery chain Rituals
The perfumery chain Rituals is currently informing customers via email about the outflow of member data to unauthorized persons.
(Image: heise medien)
Customers with an online account at the perfumery chain should be particularly wary of possible phishing. The provider is currently informing customers via email about an IT incident in which unauthorized people have downloaded member data.
(Image:Â heise medien)
Rituals also provides a FAQ on its website with some information. According to this, personal data is affected: The company names full name, email address, phone number, date of birth, gender, and residential address. However, passwords or payment information are not impacted.
Break-in in April
The incident occurred “in April”; Rituals does not provide more precise information. Although the company has initiated investigations to determine measures to be taken based on the causes and has informed the responsible authorities, Rituals does not provide details, for example, through which security vulnerability cybercriminals gained access to the data.
At least, according to Rituals' own statements, it has no knowledge that the copied data has been published. However, the company wants to continue to “monitor this closely.” At the time of reporting, there is no indication of this data leak and its perpetrators on the usual darknet leak sites.
Videos by heise
Customers can and do not have to do anything, explains the provider. However, they should be vigilant about phishing. In addition, identity theft can potentially be committed with the data. Those who now want to delete their account can use the contact form and select the item “Right to deletion of my personal data.”
The fashion chain Zara has also recently fallen victim to an IT incident with a data leak. There, the criminal organization ShinyHunters copied data and published it on the darknet this Wednesday.
(dmk)
