Christian Dior Data Breach Exposes Sensitive Client Info

Christian Dior Couture SAS experienced a data breach affecting a database containing personal information of Dior clients. The breach discovered on May 7, 2025, and an investigation determined that a cybercriminal accessed the Dior database on Jan. 26, 2025.

The data breach was also disclosed to the California, Massachusetts, New Hampshire, Texas, Washington, and Vermont Attorneys Generals' offices on July 18 and July 21, 2025, respectively. The incident is considered severe due to the nature of the data exposed, which could be used in identity theft or fraud schemes if obtained by malicious actors.

Information Exposed:

• First and last names
• Contact information
• Addresses
• Dates of birth
• Passport or government ID numbers
• Social Security Numbers

How many people are affected?

The total number of people affected nationwide has not been disclosed. However, disclosures have been made on a state-by-state basis.

Impact by State:

• Washington: 10,878 residents
• Texas: 9,716 residents
• California: at least 500 residents (the statuary minimum number requiring a data breach disclosure)
• New Hampshire: 175 residents
• Massachusetts: 7 residents

Christian Dior Couture SAS’s response

Christian Dior Couture SAS contained the incident and engaged cybersecurity experts to investigate and secure their systems. The company is also offering 24 months of Experian IdentityWorks credit monitoring services.

If you receive a notice from Christian Dior about this breach, you may want to:

• Sign up for the 24 months of free Experian IdentityWorks credit monitoring services, offered by Christian Dior.
• Monitor your credit reports and financial accounts for any unusual activity.
• Be alert for phishing emails or phone calls that may use your exposed information.
• Consider placing a fraud alert or credit freeze with major credit bureaus.