French cosmetics firm Clarins struck by a data breach incident

February 9, 2022
French Cosmetics Firm Clarins Data Breach Incident Cyberattack Singapore Cybersecurity

Clarins, a French cosmetics firm based in Singapore, has suffered a data breach incident in their system, impacting Singaporean customers’ sensitive information. The cosmetic firm stated on its official website that a critical flaw caused the data breach incident in an abundantly utilised software called Log4j.

Log4j is widely known as an open-source software utilised to aid activity-logging in all Java-based applications. It is also used by Clarins’ database consisting of personal data of their Singaporean clients.

The cosmetics company noticed the breach when one of its staff members could not access its database. From their statement, the Log4j that affected their database was immediately fixed hours after the security patch release.

The data breach collected numerous sensitive information from the Clarins’ system, including customer names, addresses, email addresses, phone numbers, mobile numbers, and their “Clarins Loyalty Programme Status.”

 

The investigation revealed that the data exfiltration against Clarins did not include any credit card information, payment details, or password during the incident.

 

Singapore’s Minister of Communication and Information stated that their law enforcement agencies and cybersecurity teams are checking and repairing government systems to counter the effects of the Log4j critical flaw.

According to Clarins, they deeply regret the incident, but they assured everyone that they are implementing security measures to prevent a similar attack from occurring against them. They also added that they work closely with experts to address the incident.

The cosmetics company also advised consumers to modify their passwords and treat unwanted calls, emails, and texts with extreme caution. Individuals who have been robbed with passwords and payment details should always keep their guards up and look out for attempted identity theft.

The citizens of Singapore, especially customers of Clarins, should employ the services of experts to mitigate any future effect that the data breach has caused.

About the author