Do you have an online account with Sephora? Or knows someone who has?
On July 31, the French cosmetics and beauty products retailer discovered a data breach which happened some two weeks ago.
Based on an email sent out to its customers, apparently folks from the from Singapore, Indonesia, Malaysia, the Philippines, Thailand, Australia, Hong Kong, New Zealand, had their personal information compromised.
Sephora Southeast Asia managing director Alia Gogi said that among the information that were exposed included the first and last names of customers, their birth dates, gender, email addresses, encrypted password and data pertaining to "beauty preferences".
In short: Change your password immediately.
In case you're wondering, nope, credit card information has not been breached, according to Gogi. She explained that Sephora has "no reason to believe that any personal data has been misused".
The company has taken measures such as cancelling all existing passwords for accounts of customers and reviewing the security systems. Independent experts have been roped in to investigate the breach.
While apologizing, Gogi is calling for Sephora online account holders to change their passwords.
“We are also offering a personal data monitoring service, at no cost to you, through a leading third-party provider,” she said.
You can register for the personal data monitoring service which will be available until November 30. However, this is only available to select countries.
Cover image sourced from Fortune.
Gloss