SINGAPORE: French cosmetic company Clarins has been hit by a data security incident which"may involve" Singapore customers’ personal information, it said on Tuesday .
Log4j, which is an open-source software used to support activity-logging in many Java-based applications, was used to manage Clarins’ database containing personal data of its Singapore customers. Clarins became aware of the security breach when a staff member could not access its database. The data accessed may have included customers’ personal information such as name, address, email, phone number and Clarins loyalty programme status, it added.
In its statement, Clarins said it deeply regrets the incident, adding that it has “promptly” implemented security patches to prevent a recurrence of such an attack.