Dior fell victim to a cyber-security attack

There is no sign of improvement in the luxury market; on the contrary, between the employee layoffs of recent months, increasingly severe financial reports, and a less interested clientele, 2025 does not seem to have brought the expected winds of recovery. Now, a new problem is emerging, related to the security of customer data. Yesterday, WWD reported that, earlier this month, Dior China was the victim of a cyberattack targeting the personal information of customers in the fashion and accessories divisions. Potentially affected customers were subsequently contacted by the Maison’s team through official communication. According to the statement, on May 7, 2025, unauthorized access by external actors to part of the customer data held by the brand was discovered. Dior specified that immediate measures were taken to prevent further breaches, with the assistance of cybersecurity experts and by notifying the relevant regulatory authorities. Based on the current progress of the investigation, the potentially compromised personal information includes name, gender, phone number, email address, residential address, consumption level, preferences, and other information provided by users, while no financial data such as bank account numbers, IBANs, or credit card information appear to have been involved. As of now, the LVMH-owned Maison has not disclosed how many customer profiles were affected, but on RedNote (one of China’s major social media platforms) hundreds of screenshots of the official communication have been posted.

As JingDaily pointed out, the incident has shed light on Dior’s digital vulnerabilities in the Chinese market, precisely at a time when the brand had intensified its online presence through targeted investments on platforms like WeChat, with mini-programs encouraging curious customers to register and purchase directly. In recent years, Dior has made data collection, such as phone numbers and dates of birth, a cornerstone of strengthening personalized client management and proprietary traffic. While this strategy enabled the creation of extremely detailed consumer profiles, it also inevitably exposed the brand to new risks in a context where consumer trust is crucial and where the perception of exclusivity is increasingly tied to the ability to guarantee security and discretion. Making matters worse is the growing sensitivity of high-spending Chinese consumers towards privacy protection, which renders incidents like this even more damaging. JingDaily emphasizes that this is not just a technical issue but a potential blow to the trust relationship upon which much of the competitiveness of luxury brands is based. Customer reactions have not been positive, particularly considering that this is not the first time the French Maison has fallen victim to cyberattacks: back in February, Dior’s official Instagram account was hacked to promote a fake cryptocurrency called “Dior official coin”.

In a context where the ability to build strong, trust-based relationships represents a key competitive advantage, incidents like these risk directly undermining the bond between brand and customer. The loss of personal data, especially in the luxury segment, is not perceived merely as a technical flaw but as a breach of the promise of attention, care, and discretion that sustains the brand’s value. Values that, in a period of crisis like the current one, become an essential — if not primary — part of the sales process. At present, it is still unclear what the attackers’ objective was, but it is evident that the attack specifically targeted the brand’s high-end clientele, considering that Dior’s beauty segment was not affected. This raises a new question: Will cybersecurity become the real challenge for the luxury sector in 2025?