Sephora Australia country general manager Beth Glancey has weighed in on a data breach at the company.
In a statement to ragtrader.com.au, Glancey confirmed an incident in the past fortnight.
It follows similar breaches at Kathmandu, Princess Polly and Uniqlo.
Sephora issued an email to customers (pictured) alerting them to the breach.
"Over the last two weeks, we identified a security incident which potentially affects some customers who have used our online services in Singapore, Malaysia, Indonesia, Thailand, the Philippines, Hong Kong SAR, Australia and New Zealand.
"Based on the investigation to date, it appears the personal data of some customers may have been exposed to unauthorised third parties, including first and last name, date of birth, gender, email address and encrypted password, as well as data related to beauty preferences.
"We have no evidence that any personal information has been misused and can confirm that no credit card information was accessed.
"We have cancelled all existing passwords for customer accounts and thoroughly reviewed our security systems. We have reached out to our affected customers to explain what happened, and what steps they should take.
"We are also offering personal data monitoring services to all customers, where available and at no cost to them, through local third-party providers. Being transparent and protecting the safety of our customers’ information is our utmost priority."
Sephora is owned by LVMH with close to 20 stores across Australia.