Back

Rituals Reports Data Breach Involving Member Information

Severity: Medium (Score: 51.9)

Sources: www.rituals.com

Summary

Rituals has confirmed an unauthorized download of member data, which occurred in April 2026. The compromised data includes full names, email addresses, phone numbers, dates of birth, genders, and addresses, but no passwords or payment information were accessed. The company acted quickly to stop the unauthorized download and has contained the situation. An in-depth forensic investigation is underway to understand the breach and prevent future incidents. Rituals has reported the incident to relevant authorities and informed affected members via email. They have not seen the extracted data become publicly available, but they advise members to remain vigilant against phishing attempts. The breach is not linked to previous birthday gift scam messages that circulated earlier. No immediate action is required from members. Key Points: • Unauthorized download of member data confirmed by Rituals. • Compromised data includes personal information but no financial details. • Investigation initiated to prevent future breaches and monitor data exposure.

Key Entities

  • Data Breach (attack_type)
  • Phishing (attack_type)
  • Rituals (company)
  • CWE-200 - Exposure of Sensitive Information (cwe)
  • rituals.com (domain)
  • T1566.002 - Spearphishing Link (mitre_attack)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed