Gucci And Other Major Luxury Brands Hit By Data Breach
Gucci, Balenciaga, and Alexander McQueen - three major luxury fashion houses under French holding company Kering - have experienced a significant customer data breach tied to the notorious ShinyHunters hacking group. The breach, which occurred in April but was not confirmed for months after, involved unauthorized access to Kering’s systems and exposure of customer data.
ShinyHunters claims to have exfiltrated data from 7.4 million unique email addresses, including customer spending habits, and reportedly contacted Kering in June to negotiate a ransom. Kering denies engaging in any such negotiations. A sample of stolen files shared with the BBC appeared to be authentic and contained thousands of customer records. Experts have warned that this data could be weaponized in follow-on fraud attempts, particularly against high-net-worth individuals, making luxury brands especially attractive targets for cybercriminals.
The breach adds to a growing list of cyberattacks against luxury and retail brands in 2025, including incidents involving Dior, Adidas, Louis Vuitton, and others. Many of these attacks have been linked to ShinyHunters, who have exploited Salesforce instances through various techniques. Alarmingly, the attack on Kering may have preceded the public disclosure of the broader Salesforce exploitation campaign, suggesting that more affected companies may still be unaware of, or simply not reporting, their own breaches.
This incident serves as a critical wake-up call: organizations must prioritize cybersecurity investments in 2025 and 2026 to protect both their infrastructure and customer data. As AI-enabled or AI-driven attacks grow more sophisticated, legacy defenses are no longer sufficient. Businesses must adopt solutions like NIKSUN that offer deep visibility across their entire digital environment - from customer-facing apps to backend systems - to detect, investigate, and mitigate threats in real time. The cost of inaction is no longer theoretical: it’s unfolding in real time, and brands that fail to evolve their security posture will remain vulnerable in an increasingly automated threat landscape. Read more about this story on our LinkedIn page
ShinyHunters claims to have exfiltrated data from 7.4 million unique email addresses, including customer spending habits, and reportedly contacted Kering in June to negotiate a ransom. Kering denies engaging in any such negotiations. A sample of stolen files shared with the BBC appeared to be authentic and contained thousands of customer records. Experts have warned that this data could be weaponized in follow-on fraud attempts, particularly against high-net-worth individuals, making luxury brands especially attractive targets for cybercriminals.
The breach adds to a growing list of cyberattacks against luxury and retail brands in 2025, including incidents involving Dior, Adidas, Louis Vuitton, and others. Many of these attacks have been linked to ShinyHunters, who have exploited Salesforce instances through various techniques. Alarmingly, the attack on Kering may have preceded the public disclosure of the broader Salesforce exploitation campaign, suggesting that more affected companies may still be unaware of, or simply not reporting, their own breaches.
This incident serves as a critical wake-up call: organizations must prioritize cybersecurity investments in 2025 and 2026 to protect both their infrastructure and customer data. As AI-enabled or AI-driven attacks grow more sophisticated, legacy defenses are no longer sufficient. Businesses must adopt solutions like NIKSUN that offer deep visibility across their entire digital environment - from customer-facing apps to backend systems - to detect, investigate, and mitigate threats in real time. The cost of inaction is no longer theoretical: it’s unfolding in real time, and brands that fail to evolve their security posture will remain vulnerable in an increasingly automated threat landscape. Read more about this story on our LinkedIn page