Fashion Industry Under Attack: What you need to know

Back in May 2025, we shared news about a major data breach at Dior (Dior Data Breach), which exposed personal information of customers across Europe and Asia—names, email addresses, phone numbers, and even shopping history. The timing couldn’t have been worse: it happened just before Dior’s big fashion show in Rome.

What’s Happened Since Then?

The situation has grown. It turns out that U.S. customers were also affected, and Dior had to notify people in California that their data may have been compromised. While no credit card numbers were stolen, the personal details that were leaked could still be used in scams or phishing attempts.

And Dior isn’t alone. Other big names like Marks & Spencer, Cartier, Adidas, and The North Face have also been hit by cyberattacks in recent months. A group called DragonForce has been linked to many of these incidents. They often start with a simple trick, like sending a fake email that looks real, hoping someone clicks a bad link.

In some cases, the hackers didn’t even need to break in. For example, The North Face was attacked using old passwords that had been leaked from other websites. And Adidas was affected because one of their customer service partners had weak security.

The common thread? Human mistakes:

• Clicking on suspicious emails.

• Reusing the same password on multiple sites.

• Trusting third-party companies that don’t have strong security.

How to Stay Safe as a Fashion Brand or Business:

• Check that your vendors and partners follow good cybersecurity practices.

• Teach your team how to spot suspicious emails.

• Keep customer data secure and limit who can access it.

• Update your systems regularly to fix known security issues.

How to Stay Safe as a Shopper:

• Use a different, strong password for each website.

• Turn on two-factor authentication when available.

• Be careful with emails that ask for personal info or urge you to click links.

• Make sure websites are secure (look for “https” in the address bar) before entering payment details.

These attacks show that cybersecurity isn’t just a tech issue—it’s a people issue. Whether you’re running a business or just shopping online, staying informed and cautious can make a big difference.