What happened
According to public breach records, the SHEIN data breach on June 1, 2018 is reported to have exposed the personal information of 39,086,762 accounts.
In June 2018, online fashion retailer SHEIN suffered a data breach. The company discovered the breach 2 months later in August then disclosed the incident another month after that. A total of 39 million unique email addresses were found in the breach alongside MD5 password hashes.
Passwords in this breach were reportedly stored as MD5 hashes.
In September 2018, fashion retailer SHEIN disclosed a "concerted criminal cyber-attack" that began in June 2018 and continued through early August, in which backdoor malware planted on its servers was used to steal customer email addresses and password credentials. SHEIN detected the intrusion internally in August 2018 (roughly two months after it began), then publicly disclosed it, and it engaged a forensic cybersecurity firm and law firm to investigate while scanning for and removing the backdoor malware. The exposed passwords were stored as MD5 hashes, the company reported no evidence that payment card data was taken, and it offered affected customers password resets and identity-theft monitoring.
What data was exposed
The following types of personal data were compromised:
- Email addresses
- Passwords
Breach details
| Detail | Value |
|---|---|
| Breach name | SHEIN |
| Date | June 1, 2018 |
| Accounts affected | 39,086,762 |
| Domain | shein.com |
This summary is compiled from public breach-notification data and known leak databases. Figures reflect what those sources report and may be revised as more is learned. If something here looks wrong or you think your information is involved, contact our support team.
We report breaches as a factual record to help people check their exposure. Inclusion here is not an allegation of wrongdoing or negligence by SHEIN; it reflects a publicly reported security incident.
What to do now
Based on the data exposed in this breach, here are the steps you should take:
- Change your SHEIN password immediately, and change it anywhere else you reused the same password — the stolen passwords were stored as MD5 hashes, which are weak and crackable.
- Enable two-factor authentication on your SHEIN account and on any account that shared the breached password.
- Be alert for phishing emails referencing SHEIN or your order history, since exposed email addresses are commonly used for targeted scam messages.
- Use a password manager to set a unique password per site so a future credential leak can't be replayed against your other accounts.
Check your exposure
Data breaches are one of the ways your personal information ends up on data broker sites. Run a free scan to see which sites are exposing your personal data — and take action to remove it.
Sources
- Have I Been Pwned: SHEIN Data Breach
- Breach at US Retailer SHEIN Hits Over Six Million Users - Infosecurity Magazine
Find out what data brokers know about you
Run a free scan to see which sites are exposing your personal information — name, phone, address, email, and more.
Start your free scan →