Napoleon Perdis is Australia’s top prestige make-up brand, with a 25-year history in the country, 30 stores and 350 independent stockists.
The company was listed in a post on an infamous hacking forum by almost equally infamous threat actor 2019, who claimed to have stolen 339,100 customer records.
According to the post, the data includes first names, postal addresses, mobile numbers, email addresses, loyalty points, monetary value of said points, transaction history, total spending, customer price groups, customer ID details, account creation dates and latest record update timestamps.
Unlike ransomware operators, 2019 has released the allegedly stolen data publicly for free, inviting other cyber criminals to use it for financial fraud, scams, and more.
Cyber Daily has reached out to Napoleon Perdis for more information and is currently awaiting a response.
Who is 2019?
The threat actor 2019 is a relatively new player in the cyber crime space, having appeared in January 2026.
Of late, the threat actor has listed a large number of Australian victims, including MMJ Real Estate, the Melbourne International Film Festival (MIFF), the Australian Centre for the Moving Image (ACMI), and Centrelink; however, Services Australia denied the Centrelink incident.
Most recently, 2019 listed ASX share market news and research firm Kalkine Media, claiming to have stolen the personal data of over 2,900 customers.
According to the listing, allegedly stolen data includes customer names, ID numbers, email addresses, phone numbers, call status details, call ID details and more. According to threat researcher Dark Web Informer, some details pertain to what appears to be agentic AI call recordings.
Like with Napoleon Perdis, the data was available for download for free.
The threat actor also targets entities in the US, Italy, France and New Zealand.
Want to see more stories from trusted news sources?Make Cyber Daily a preferred news source on Google.
