(844) 627-8267 | Info@NationalCyberSecurity
(844) 627-8267 | Info@NationalCyberSecurity

Sephora Customer Gets Hacked and Loses 4,000 Rewards Points | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

A Sephora customer says her account was hacked, leading to the hacker redeeming her 4,000 rewards points.

In her video, which has drawn over 828,000 views, TikToker @aheatedmess says she received an email confirmation for an order placed with a shipping address that she did not recognize.

“I immediately changed my password to my account,” she said in the video. “I called customer service. They were very nice, and they said, ‘OK, no worries. We will reimburse your points; there’s no loss. And we’ll cancel the order.’”

However, @aheatedmess said the cancellation was only a request shared with the shipping partner, and the package went out anyway. Concerned that the recipient would have a packing slip with her full name, phone number, email, and current address, the TikToker reached out to customer service again to have the package rerouted but said she was brushed off.

“I thought it’s a valid security concern, so I called customer service back, and I was like, ‘Can you please—this should have been canceled. I don’t know why it was shipped out. Can you recall the package? As the shipper, can you request whoever you ship with? Just request it back. … They kept saying, ‘No, we can’t do that,’ and they kept escalating it. Finally, it got to some manager or something, and she got on the phone and was like, ‘Mmm, what are you concerned about?’”

@aheatedmess ♬ original sound – aheatedmess

Per the Sephora website, customers can redeem 500 rewards points for $10 discounts, meaning that @aheatedmess had about $80 worth of discounts. Points can also be redeemed for individual products offered through the retailer, such as deluxe samples of high-end beauty products. Customers earn one point for each dollar they spend at the beauty retailer.

In a follow-up video, @aheatedmess shared that she located the apartment complex the package was headed to. She was considering calling the police and the apartment’s main office to see if they could take hold of the package, as she is listed as the package’s recipient.

Multiple viewers commented that they’d also experienced Sephora account hacks, with the uninvited party attempting, sometimes successfully, to purchase items through their account.

“I had this happen,” one commenter wrote. “Luckily I got an email immediately that my shipping address had changed. It was a condo in LA and it was 19000 points.”

“This EXACT same thing happened to me in january with sephora,” a second said. “they didn’t cancel the order despite me saying to and said that I SCAMMED MYSELF?”

“They did nothing for me,” another added. “I lost 8500 points after buying everything for my wedding and all makeup for my bridesmaids. I felt robbed.”

The Daily Dot contacted @aheatedmess via Instagram direct message and Sephora via email for further information.

We crawl the web so you don’t have to.

Sign up for the Daily Dot newsletter to get the best and worst of the internet in your inbox every day.

*First Published: Jun 11, 2023, 8:34 am CDT

Brooke Sjoberg

Brooke Sjoberg is a freelance writer for the Daily Dot. She graduated with her Bachelors in Journalism from the University of Texas at Austin in 2020.


Click Here For The Original Story From This Source.

National Cyber Security