Dkhoon Emirates, a well-known fragrance brand recognized for previous partnerships with Mariaceleste Lombardo and Dominique Moellhausen, has fallen victim to a significant data breach. A cybercriminal has openly taken credit for the attack and is allegedly selling the compromised databases on the dark web. The Dkhoon Emirates data breach potentially exposes personal information from approximately 1,187,492 customer records.
The threat actor, Ddarknotevil, also denoted that these documents are said to contain sensitive information such as complete identities, phone numbers, email addresses, and physical addresses. The asking price for this data is set to $4,800 for a one time deal with transactions limited to XMR and BTC.
Dkhoon Emirates Data Breach Claims Surfaces on Dark Web
If there are no buyers for the information, the cybercriminal responsible for the possible Dkhoon Emirates data breach has made claims, threatening to make the data public. Although the authenticity of these accusations is still unknown, Dkhoon Emirates users need to be on the lookout for any potential phishing attacks.
The Cyber Express has reached out to Dkhoon Emirates for clarification and further information regarding the alleged breach. But as of this writing, no formal answer or comment has been received. As a result, the assertions regarding the Dkhoon Emirates data leak are now unsubstantiated.
Interestingly, Dkhoon Emirates is relatively new to the market and has a collection of 22 perfumes in its fragrance base. The threat actor has not disclosed how they obtained the information or whether they plan to negotiate a ransom deal. Rather, the databases are being sold directly on a well-known dark web forum.
Cyberattack on Fashion and Lifestyle Brands
The Dkhoon Emirates cyberattack joins a trend of targeting fashion and lifestyle brands. One of the most well-known examples of this threat is the hack that happened barely a year ago against Estée Lauder Companies (ELC). Estée Lauder had to take down sections of their network to prevent further data theft, while Dkhoon Emirates is allegedly coping with an issue involving a persistent threat actor.
Notably, the threat actor linked to the Dkhoon Emirates data leak has a history of involvement in prior cyberattacks. The same threat actor claimed responsibility for a breach that in March 2024 affected 3,800 users of cloud solutions provider Okta. On closer inspection, however, contradictions in the claims were found, refuting the allegation that the breach was merely a renaming of previously stolen content.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
