Chanel has confirmed a data breach that affected its U.S. client care database. The news first came from WWD on Friday. The incident happened on July 25 and involved unauthorized access to a database managed by a third-party provider.
A company spokeswoman confirmed the incident, saying: “The investigation indicates that there was unauthorized access to this database. There was no malware deployed to our systems, and our operations remain unaffected.”
She added that Chanel immediately activated their incident response protocols and brought cybersecurity experts on board to aid their investigation.
The information exposed was limited. Names, emails, mailing addresses, and phone numbers of clients who contacted Chanel’s U.S. client care centre were accessed. Sensitive details such as payment information and passwords were not affected. Chanel’s internal systems and e-commerce platforms remain secure.
Once the breach was discovered, Chanel moved quickly. The company activated its incident response plan and brought in cybersecurity experts. Affected customers have been notified and given guidance on how to avoid phishing attempts. Chanel warned clients that it will never ask for passwords or sensitive data via unsolicited calls or emails.
This breach is part of a wider trend in retail cyberattacks. Many companies using popular CRM platforms like Salesforce are now targets. The hacking group Shiny Hunters is believed to be behind this attack. They have a history of targeting customer data through prolonged campaigns.
Other retailers have faced similar issues in recent months. The North Face, Adidas, Victoria’s Secret, and Dior have all reported breaches or cyber incidents. UK retailers such as Harrods, Marks & Spencer, and the Co-op have also been affected. However, it has been reported that another group, Scattered Spider, was behind the M&S and Co-op attacks, certain members of which have been affiliated with, and use similar tactics to ShinyHunters, muddying attribution.
Salesforce Users in the Crosshairs
“The Chanel breach is just the latest incident in a sweeping cybercrime wave orchestrated by the ShinyHunters group, which has been targeting Salesforce users in several countries since early 2025,” said Chris Hauk, Consumer Privacy Advocate at Pixel Privacy.
“The bad actors gain access to an organization’s Salesforce instance the old-fashioned way, by tricking users into providing their login credentials to a malicious app, using the login to breach their data.”
Hauk says while no customer financial information was reportedly revealed in the breach, there was enough data revealed to allow the criminals to phish for additional information, by posing as Chanel employees via texts, emails and calls. “Customers need to stay alert for such attempts.”
Paul Bischoff, Consumer Privacy Advocate at Comparitech, added: “Fortunately, no information that could be used to directly hack or steal from Chanel customers was leaked. Chanel customers should be on the lookout for targeted phishing messages in their email and texts from scammers posing as Chanel or a related company. Never click on links or attachments in unsolicited messages!”
Information Security Buzz News Editor
Kirsten Doyle has been in the technology journalism and editing space for nearly 24 years, during which time she has developed a great love for all aspects of technology, as well as words themselves. Her experience spans B2B tech, with a lot of focus on cybersecurity, cloud, enterprise, digital transformation, and data centre. Her specialties are in news, thought leadership, features, white papers, and PR writing, and she is an experienced editor for both print and online publications.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.