Kering, the French group behind Gucci, Balenciaga, and Alexander McQueen, has confirmed a cyberattack that exposed personal details of millions of its customers.
The breach, carried out in April and claimed by the group known as ShinyHunters, included names, emails, phone numbers, home addresses, and records of how much individuals spent in luxury stores.
ShinyHunters claims it attempted to negotiate a ransom in Bitcoin, but Kering denies this claiming it did not pony up. The bad actors, who have a history of breaching major firms, are known to trick employees into giving up internal credentials to platforms such as Salesforce.
Fueling Scams
For some, the sums reached tens of thousands of dollars. One file reviewed by the BBC showed single customers spending between $10,000 and nearly $90,000. Experts say that such information, stripped of context and placed into the wrong hands, could fuel scams, phishing attacks, or attempts at extortion.
Kering has told regulators and affected customers that no credit card or government ID data was taken.
In a statement, the company said that in June 2025, it found that an unauthorized third party had temporarily accessed its systems and accessed limited customer data from some of its Houses. These brands immediately reported the intrusion to the relevant authorities and informed the customers in accordance with local regulations.
It added that no financial information, such as bank account or credit card numbers, nor any personal identification numbers, were compromised during this event.
The intrusion was quickly identified and appropriate measures were taken to secure the affected systems and prevent future incidents from happening, Kering said.
This attack is not an isolated case. In recent months, Tiffany and Dior (both under the LVMH brand) and Cartier have all reported similar breaches. Luxury houses have become regular targets, in part because their clientele often includes high-net-worth individuals.
Theft of identity data alone can be enough to open doors for fraud. Spending records raise the stakes further.
Value in Non-Financial Data
Michael Tigges, Senior Security Operations Analyst at Huntress, said the breach underlines how attackers see value even in non-financial data.
“The breach at Kering highlights how luxury retailers remain attractive targets for data theft, even when payment data isn’t exposed. While this information did not contain payment data, access to customers’ identity information can be a threat to an individual’s online security.
“It is important to secure all accounts with multi-factor authentication where possible, and use technologies such as password managers to prevent credential re-use. In addition, technologies such as Identity Threat Detection & Response (ITDR) are important to shore up defences against an individual’s online identity. The information contained in these personal information leaks can contain potent details to craft realistic phishing emails or fraudulently sign up or recover accounts on other services.”
Authorities advise victims to change their passwords, enable two-factor authentication, and remain wary of suspicious calls, texts, or emails.
The luxury world has long sold exclusivity. But the digital side of that experience now carries a different cost. With spending data exposed, the question for both companies and customers is no longer whether attacks will come, but how prepared they will be when they do.
Information Security Buzz News Editor
Kirsten Doyle has been in the technology journalism and editing space for nearly 24 years, during which time she has developed a great love for all aspects of technology, as well as words themselves. Her experience spans B2B tech, with a lot of focus on cybersecurity, cloud, enterprise, digital transformation, and data centre. Her specialties are in news, thought leadership, features, white papers, and PR writing, and she is an experienced editor for both print and online publications.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.