Oriflame.ru

In September 2021 the Russian branch of the international cosmetics company Oriflame suffered a significant data breach. The incident led to the unauthorized disclosure of personal information belonging to approximately 5.5 million Russian customers. The leaked database was discovered on various dark web forums and included sensitive personal identifiers. Investigations revealed that the breach occurred due to vulnerabilities in the web infrastructure allowing attackers to export user records. Despite the scale of the exposure the company was only fined 30 thousand rubles by local authorities for failing to protect consumer data.