PCPD opens probe into Dior data breach impacting 1m consumers

The Hong Kong privacy watchdog has launched an investigation into an alleged data breach at luxury fashion house Dior that affected nearly one million customers in Hong Kong.

This comes after Dior apologised in May after an unauthorised external party had accessed some of the Chinese customer data it held, adding that the affected database did not contain any financial details.

The Office of the Privacy Commissioner for Personal Data (PCPD) said in a statement to MARKETING-INTERACTIVE that it received a report of a data breach from Dior on 16 May 2025 and has initiated an investigation into the incident according to established procedures. Preliminary estimates indicate that the personal data of around 950,000 customers in Hong Kong has been affected, including around 630,000 existing customers and 320,000 potential customers.

The personal data involved includes customers' names, genders, birth dates, ages, mailing or email addresses, phone numbers, official documents such as passport numbers and expiration dates, occupations, records of alleged fraud and international sanctions, as well as signatures.

The PCPD has urged potentially affected individuals to remain vigilant against the misuse of personal data and to take various measures to protect their privacy, such as changing online account passwords, enabling multi-factor authentication, monitoring personal emails or accounts for any unusual login activity, reviewing bank statements to check for any unauthorized transactions, and being cautious of unknown or suspicious phone calls, messages, or emails.

MARKETING-INTERACTIVE has reached out to Dior for a statement. 

Don’t miss: Dior apologises over unauthorised China data leak

According to a customer notice seen by MARKETING-INTERACTIVE, Dior said that it found out on 7 May that a third party had accessed certain customer data without authorisation. The impacted data includes customers' names, gender, phone numbers, email addresses, mailing addresses, purchase amounts, shopping preferences, and other user data gathered by the brand.

The incident has triggered widespread concerns among Chinese netizens. A check by MARKETING-INTERACTIVE saw on Xiaohongshu that many customers who received Dior's text message were worried about their data being misused, while some said they thought this was a scam.

Take your brand to new heights with cutting-edge AI strategies, innovative technology, and data-powered experiences. Don’t miss Digital Marketing Asia 2025 in Hong Kong on 20-21 October, where 200+ marketing leaders will explore game-changing trends, proven successes, and bold ideas shaping the future.

Related articles:

Dior apologises over unauthorised China data leak
Dior taps F1 racer Lewis Hamilton as new brand ambassador
Dior postpones Hong Kong menswear show 'indefinitely'