Sephora

What Happened

In approximately January 2017, the beauty store Sephora suffered a data breach. Impacting customers in South East Asia, Australia and New Zealand, 780k unique email addresses were included in the breach alongside names, genders, dates of birth, ethnicities and other personal information. The data was provided to HIBP by a source who requested it be attributed to "JimScott.Sec@protonmail.com".

Compromised Data

Dates of birth

Email addresses

Ethnicities

Genders

Names

Physical attributes

Recommended Actions

Monitor for Suspicious Activity

Watch for unusual login attempts, spam and phishing emails.

Use 1Password to generate and store strong, unique passwords for all your accounts.

Try 1Password

Breach Overview

Affected Accounts:

780.1 thousand
Breach Occurred:

January 2017
Added to HIBP:

6 Oct 2019

Recommended Actions

Change Your Password

If you haven't changed your Sephora password since 2017, do so immediately.

Enable Two-Factor Authentication

Add an extra layer of security to your account.

Check Other Accounts

If you used the same password elsewhere, change those too.

Monitor for Suspicious Activity

Watch for unusual login attempts or messages from your account.

Use 1Password to generate and store strong, unique passwords for all your accounts.

Try 1Password

Sephora

What Happened

Compromised Data

Recommended Actions

Monitor for Suspicious Activity

Breach Overview

780.1 thousand

January 2017

6 Oct 2019

Recommended Actions

Change Your Password

Enable Two-Factor Authentication

Check Other Accounts

Monitor for Suspicious Activity

Services

Information