Kering, the French parent company of Balenciaga, Gucci, and Alexander McQueen, has confirmed a cybersecurity breach that may have exposed the personal details of millions of its customers worldwide.
The incident, which occurred in April, involved the theft of sensitive data including customer names, email addresses, phone numbers, home addresses, and purchase histories. While Kering insists that no financial data or government IDs were compromised, the leak still poses a serious risk for victims.
What the Hackers Took
Cybercriminals operating under the alias “Shiny Hunters” claim to have stolen data linked to 7.4 million unique email addresses, suggesting the total victim count could be in the millions.
Perhaps most alarming is the inclusion of a “Total Sales” field, revealing how much each customer has spent with the brands. According to a sample reviewed by the BBC, some individuals had spent $10,000 (≈ ₹8.3 lakh) to $86,000 (≈ ₹71.4 lakh). Experts warn that such information could make high-spending customers prime targets for follow-up phishing attempts, scams, or fraud.
Hacker Profile and Tactics
Shiny Hunters, who spoke to journalists via Telegram, claim they breached Kering systems in April and later contacted the company to negotiate a ransom in Bitcoin. Kering denies any such negotiations, stating it has followed law enforcement advice not to engage with ransom demands.
The group has a well-documented history of high-profile cyber intrusions. Google’s cybersecurity team has previously warned of attacks linked to Shiny Hunters (also tracked as UNC6040), who typically trick employees into handing over login credentials to internal software like Salesforce.
Kering’s Response
In an official statement, Kering said:
“In June, we identified that an unauthorized third party gained temporary access to our systems and accessed limited customer data from some of our Houses. No financial information—such as bank account numbers, credit card details, or government-issued IDs—was involved.”
The company added that it has since secured its IT systems and notified relevant data protection authorities. While Kering has emailed affected customers directly, it has not disclosed the exact number of victims and is not legally required to issue a public statement as long as customers are notified individually.
Part of a Wider Trend
This breach comes amid a wave of cyberattacks on luxury brands. Cartier and Louis Vuitton disclosed similar incidents earlier this year, though it remains unclear whether those were connected to Shiny Hunters.
Cybersecurity analysts say luxury houses are increasingly vulnerable targets due to the high net worth profiles of their customers. Breaches that reveal spending patterns not only damage trust but also create opportunities for secondary crimes such as targeted scams, identity theft, and even extortion.
Expert Warnings and Safety Tips
The UK’s National Cyber Security Centre (NCSC) and industry experts advise customers to take immediate precautions if they suspect their data may have been compromised:
- Change your passwords and avoid reusing them across multiple accounts.
- Enable two-factor authentication (2FA) wherever possible.
- Be alert to phishing emails, suspicious messages, or calls that pressure you to act urgently.
- If contacted by someone claiming to be your bank, hang up and call the official number listed on your card or the bank’s website.
- Consider using passwords based on three random words for greater security.
A Crisis of Trust in Luxury Retail
The breach underscores a growing challenge for the luxury fashion sector: balancing digital expansion and e-commerce with robust cybersecurity practices. For customers spending thousands—or tens of thousands—of dollars per purchase, any compromise of data is more than just an inconvenience; it represents a direct threat to personal and financial security.
With Shiny Hunters still active and luxury brands increasingly targeted, experts warn this may be only the beginning of a larger wave of attacks aimed at some of the world’s wealthiest consumers.
