tarte is back in the headlines less than a week after landing in hot water over a racist meme post. This time, the makeup brand is the center of a “security breach” that exposed the personal information of over 1,000 customers. I took it upon myself to find out what happened and it’s a wild ride, so buckle up.
First, people who had recently ordered from the company woke up the morning of September 25 to find upwards of 60 emails from tarte. At first glance, it looks like an order confirmation that was accidentally sent over 50 times.
But looking closer, you can see that each email is addressed to someone new and holds different confirmation numbers:
https://twitter.com/Chelated_Zinc/status/912284914246209538
MORE: Garnier’s Micellar Cleansing Water May Be Contaminated Reddit user @hopelessmuse shared via Makeup Addiction, ?When you clicked on the order status link in the e-mail, it took you to the Tarte website and gave you even more personal info: the last 4 digits of the credit card they used and their personal phone number.? Others also claimed to see home addresses, so I kept digging.
When @hopelessmuse finally reached out to tarte, she reported that the brand encouraged consumers to simply delete the emails in question: ?they are aware of the situation and dealing with it. i asked how they were dealing with it and was told they are telling everyone simply to delete the e-mails. You have the identities and personal info of more than 50 peop...