Leak at Clarins
French luxury skincare group Clarins confirmed in September 2025 that the Everest extortion gang had exfiltrated contact details of customers in France, the US and Canada; the actor claimed over 600,000 records, with no financial data affected.
- Victim
- Clarins
- records
- 600.0K
On 18 September 2025, Clarins β the French luxury skincare and cosmetics group β notified customers that some of their personal data had been illegally downloaded by a third party. The disclosure followed the appearance of Clarins data on the dark-web leak site of the Everest extortion gang, which claimed to have stolen the records of more than 600,000 customers across France, the United States and Canada.
The exposed information consisted of customer contact and account details rather than payment data. Clarins stated that no bank account numbers, credit card numbers or passwords were compromised.
Categories of data reported as exposed include:
- Full names
- Dates of birth
- Postal addresses
- Phone numbers
- Email addresses
- Purchase history (skincare, makeup and other categories)
Clarins said it had acted immediately to address the issue, reinforcing its security protocols and putting in place procedures to support affected customers, and described the incident as under control. The breach was attributed to the Everest group, which published the data on its leak site; no ransom payment has been reported.
Sources
- usine-digitale.frhttps://www.usine-digitale.fr/article/clarins-victime-d-une-cyberattaque-les-donnees-personnelles-des-clients-exposees.N2237935
- cybernews.comhttps://cybernews.com/security/clarins-user-data-breach-everest/
- incibe.eshttps://www.incibe.es/en/incibe-cert/publications/cybersecurity-highlights/clarins-data-breach-impacts-more-600000-customers
- strategies.frhttps://www.strategies.fr/actualites/culture-tech/LQ5115117C/clarins-victime-dune-fuite-de-donnees-personnelles.html