Clinique allegedly breached, 200K+ customers exposed

Skincare products maker Clinique, a subsidiary of cosmetics giant Estée Lauder, has reportedly had the data of over 700K customers exposed in a breach.

Attackers have shared several datasets on a data leak forum, alleging that the information was taken from the Spanish branch of the popular skincare products maker Clinique.

According to the Cybernews research team, the data sample provided on the forum indicates that the data is legitimate.

We have reached out to Clinique for comment but did not receive a reply before publishing.

The attackers claim that the dataset includes sensitive customer information, such as names, surnames, addresses, emails, phone numbers, dates of birth, and other information.

The post indicates that the company’s customer data may have been accessed by breaching Clinique’s loyalty program. Certain data points included in the supposed leak support such claims.

Clinique forum
Attackers' post on a data leak forum. Image by Cybernews.

Clinique forum

The attackers claim to have accessed several datasets, with one containing information on over 200,000 customers and the other holding over 600,000 email addresses.

We could not independently verify whether the attackers’ claims on the exact numbers of supposedly stolen data are accurate.

Clinique is a skincare product brand owned by Estée Lauder Companies, an American multinational cosmetic company with revenues exceeding $17 billion.

More from Cybernews:

Hello Alfred app exposes user data

United Nations creates advisory body to address AI governance

Spotify is down, Anonymous Sudan claims attack

Workloads in cybersecurity still increasing, burnout an issue

Google announces AI bug bounty program

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are markedmarked