How did the breach happen?
The perpetrators orchestrated a sophisticated cyberattack that breached the security protections in place and allowed them to access usernames and passwords on the network. Immediately after SHEIN became aware of a potential attack, we hired a leading international forensic cybersecurity firm and international law firm to assess the threat. We have our internal IT team and external teams currently working on the investigation and are now confident the platform is secure.
Who was affected?
Our current understanding is that the cumulative number of customers affected is roughly 6.42 million. We are continuing to investigate to ensure we understand the full impact of the breach.
Was my personal information stolen?
Based on what we presently know, the cyber criminals stole email addresses and encrypted passwords. We will continue to update this information based on new findings. If you have information to share with us about a problem, we encourage you to reach out to PHONE NUMBER.
Was my credit card information stolen?
We have seen no evidence that your credit card information was taken from our systems and SHEIN typically does not store credit card information on its systems. If you believe your credit card information may have been compromised, we urge you to contact your bank or credit card company with any concerns. If you have information to share with us about a problem, we encourage you to reach out to PHONE NUMBER.
When will the site be safe to shop on again and how are you planning on helping those impacted by the breach?
The site is safe to visit. At this time, SHEIN is requesting that all customers reset their passwords to immediately protect their accounts. After completing the password reset process, customers should feel safe and confident about making purchases. In addition, in certain markets, SHEIN will offer a year of free identity theft monitoring to affected customers.
Are you providing customers identity theft monitoring?
We are offering one year of identity theft monitoring services to affected customers in certain markets. For more information, visit IDENTITY THEFT MONITORING URL or contact us at PHONE NUMBER.
[If applicable: Why aren't you offering identity theft monitoring where I live?]
[Need legal-approved language]
How can I get additional information?
You may continue to visit us here, at [insert URL]. We will update this page with any new information. You may also contact us at PHONE NUMBER.