Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Netherlands-based cosmetics giant Rituals has confirmed a data breach affecting customers’ personal information after hackers stole large amounts of data from its membership database.
Company The violation was revealed on Wednesday, according to an email sent to customers that TechCrunch viewed and verified.
Rituals said it identified an “unauthorized download” of member data in April that contained customers’ full name, date of birth, gender, mailing address, email and phone number as well as their preferred Rituals store and account type.
When contacted by TechCrunch, Rituals spokeswoman Eileen van Malsen said the hacker stole membership data about customers in Europe and the UK.
TechCrunch has learned that some of the customers reported by Rituals reside in the United States. The spokesperson confirmed that the incident also affects some American customers.
Rituals did not describe the nature of the cyberattack and the company said its investigations are ongoing to understand how the data breach occurred.
The cosmetics giant is the latest retailer to have customer membership data stolen last year, following a series of intrusions into… UK grocery chains and shopping co-ops and Marks & Spenceramong other things. Customer records can be attractive targets for hackers who steal data and blackmail the company for ransom in exchange for not publishing the information online.
When asked about the incident, a Rituals spokesperson declined to comment on whether the company had received any communication from the hackers, share a more precise timeline of the breach, or provide the exact number of affected members, citing unspecified “security reasons.”
according to Its websiteRituals has over 41 million customers in its membership database. The retail giant generated revenue of €2.4 billion ($2.8 billion) in 2025.
When you make a purchase through the links in our articles, We may earn a small commission. This does not affect our editorial independence.