Dutch cosmetics big Rituals disclosed a data breach after attackers stole the private data of an undisclosed variety of prospects from its “My Rituals” membership database.
The corporate revealed the security incident in a Wednesday discover, saying that the breach was found earlier this month after it was alerted to unauthorized downloads of its members’ knowledge.
Rituals has notified related authorities of the incident and has since contained the breach by blocking the attackers’ entry. It additionally added that it has but to seek out proof that the stolen data has been leaked on-line.
“The private knowledge concerned (to the extent you’ve shared it with us) might embody full title, electronic mail handle, telephone quantity, date of delivery, gender, residence handle. We will verify that no passwords or fee data had been accessed,” Rituals mentioned.
“We’ve got initiated an in-depth forensic investigation to know how this occurred and what measures we are able to take to stop an identical incident sooner or later. We’ve got additionally reported it to the related authorities.”
The corporate says the data breach impacts members of its My Rituals loyalty program, which provides unique rewards, gift-with-purchase advantages, and birthday items.
Whereas a Rituals spokesperson did not share what number of prospects have been affected by this data breach, the corporate says its My Rituals has over 41 million members. TechCrunch, which first reported the incident, mentioned Rituals additionally notified some prospects in the US.
“We’ve got knowledgeable affected prospects straight and have reported the incident to the related authorities,” the spokesperson additionally advised BleepingComputer when requested for extra particulars. “For security causes, we’re not capable of share additional particulars on attribution or touch upon any potential communications with the unauthorised celebration.”
Rituals has additionally but to reveal the character of the cyberattack, and no cybercrime teams or risk actors have claimed duty for the breach.
Based in 2000 in Amsterdam, Netherlands, Rituals now has over 12,000 staff worldwide and reported €2.4 billion in income in 2025. Rituals additionally operates greater than 1,400 retail boutiques and simply over 4,800 luxurious perfumeries and department shops throughout 33 international locations.
Replace April 23, 10:16 EDT: Added Rituals assertion.
AI chained 4 zero-days into one exploit that bypassed each renderer and OS sandboxes. A wave of latest exploits is coming.
On the Autonomous Validation Summit (Might 12 & 14), see how autonomous, context-rich validation finds what’s exploitable, proves controls maintain, and closes the remediation loop.
Declare Your Spot
