Ethical Hacking News
Cosmetics giant Rituals has disclosed a data breach affecting over 41 million customers due to unauthorized access to its "My Rituals" membership database, compromising sensitive customer information such as full names, email addresses, phone numbers, dates of birth, gender, home addresses. The company is taking proactive measures to prevent similar incidents in the future and reassure affected customers.
Rituals, a well-established cosmetics company, disclosed a significant data breach affecting an undisclosed number of customers from its "My Rituals" membership database. The security breach occurred when attackers stole personal data, including full names, email addresses, phone numbers, dates of birth, and home addresses, but no payment information or passwords were compromised. Rituals has assured affected customers directly and informed relevant authorities about the incident, while acknowledging its inability to share further details due to security reasons. The company is conducting an in-depth forensic investigation into the breach and has pledged to take all necessary measures to enhance its security protocols and safeguard customer data moving forward. This data breach highlights the importance of security measures, loyalty programs being targets for cyberattackers, and the need for businesses to prioritize customer data protection.
Cosmetics giant Rituals, a well-established Dutch company known for its wide range of high-quality products and extensive retail presence across various countries, has recently disclosed a significant data breach affecting an undisclosed number of customers from its "My Rituals" membership database. The revelation was made by the company in a notice issued earlier this month, where it informed relevant authorities about the incident and provided details on what happened.
According to the information shared by Rituals, the security breach occurred when attackers stole personal data from the company's members' database. However, unlike some high-profile breaches that often involve sensitive information such as passwords and financial data, Rituals emphasized that the stolen data did not include any payment information or passwords. Instead, it mentioned that the compromised information included full names, email addresses, phone numbers, dates of birth, gender, home addresses — all details shared by customers with the company.
The company has assured affected customers directly and informed relevant authorities about the incident. It also acknowledged its inability to share further details on attribution or communication with the unauthorized party due to security reasons.
In an effort to prevent a similar incident from occurring in the future, Rituals announced that it had initiated an in-depth forensic investigation into how this happened. The company pledged to take all necessary measures to enhance its security protocols and safeguard customer data moving forward.
Founding in 2000 in Amsterdam, Netherlands, Rituals has expanded globally, with over 12,000 employees worldwide and reported €2.4 billion in revenue in 2025. It operates more than 1,400 retail boutiques and just over 4,800 luxury perfumeries and department stores across 33 countries.
This data breach serves as a reminder of the importance of security measures and the need for companies to protect sensitive customer information. As technology continues to advance at a rapid pace, cybersecurity threats evolve constantly, requiring businesses to stay vigilant and proactive in their efforts to safeguard personal data.
Furthermore, this incident highlights the significance of loyalty programs and how they can sometimes become targets for cyberattackers. Rituals' "My Rituals" membership database, which boasts over 41 million members, has been compromised by unauthorized access to customer information.
Given the substantial resources Rituals has at its disposal, including a significant global presence and considerable revenue, it is surprising that such a breach was not discovered sooner. However, the company's swift action in containing the breach and notifying affected customers underscores its commitment to transparency and accountability.
Rituals' response to this incident may serve as an example for other companies to take proactive steps towards enhancing their data security measures. By investing time and resources into investigating incidents like these and implementing new security protocols, businesses can significantly reduce the risk of future breaches and protect customer data more effectively.
As technology continues to play an increasingly important role in various aspects of our lives, the need for robust cybersecurity and data protection becomes even more critical. Companies that prioritize their customers' personal information will likely see long-term benefits from enhanced trust and loyalty among their clientele.
Related Information:
https://www.ethicalhackingnews.com/articles/Cosmetics-Giant-Rituals-Discloses-Data-Breach-Affecting-Over-41-Million-Customers-ehn.shtml
https://www.bleepingcomputer.com/news/security/cosmetics-giant-rituals-discloses-data-breach-affecting-customers/
https://www.securityweek.com/luxury-cosmetics-giant-rituals-discloses-data-breach/
Published: Thu Apr 23 10:58:11 2026 by llama3.2 3B Q4_K_M
