Dutch cosmetics giant Rituals disclosed a data breach after attackers stole the personal information of an undisclosed number of customers from its "My Rituals" membership database. The company revealed the security incident in a Wednesday notice, saying that the breach was discovered earlier this month after it was alerted to unauthorized downloads of its members' data. Rituals has notified relevant authorities of the incident and has since contained the breach by blocking the attackers' access. It also added that it has yet to find evidence that the stolen information has been leaked online. "The personal data involved (to the extent you have shared it with us) may include full name, email address, phone number, date of birth, gender, home address. We can confirm that no passwords or payment information were accessed," Rituals said. "We have initiated an in-depth forensic investigation to understand how this happened and what measures we can take to prevent a similar incident in the future. We have also reported it to the relevant authorities." The company says the data breach affects members of its My Rituals loyalty program, which offers exclusive rewards, gift-with-purchase benefits, and birthday gifts. While a Rituals spokesperson didn't share how many customers have been affected by this data breach, the company says its My Rituals has over 41 million members. TechCrunch, which first reported the incident, said Rituals also notified some customers in the United States. "We have informed affected customers directly and have reported the incident to the relevant authorities," the spokesperson also told BleepingComputer when asked for more details. "For security reasons, we’re not able to share further details on attribution or comment on any potential communications with the unauthorised party."