Luxury conglomerate Kering has confirmed a significant data breach affecting millions of customers of its major brands, including Gucci, Balenciaga, and Alexander McQueen. The breach, which was carried out by a hacking group known as Shiny Hunters, resulted in the theft of personal information such as names, contact details, home addresses, and details of customers’ spending. While Kering has not publicly stated the exact number of individuals impacted, the BBC reports that Shiny Hunters claims to have obtained 7.4 million unique email addresses.
The hackers accessed Kering’s systems in April and attempted to extort a ransom from the company. However, the negotiations failed, and Kering refused to pay. The BBC revealed that the hackers then shared a sample of the stolen data with the broadcaster, which found the information to be authentic. Kering has since notified data protection authorities about the incident.
According to a Kering spokesperson, the company discovered in June that an unauthorized third party had gained temporary access to its systems and compromised a limited amount of customer data. They emphasized that no financial information—such as bank account numbers, credit card numbers, or government-issued IDs—was involved in the breach. This is a crucial detail, as it means customers’ bank accounts and credit cards are not at direct risk.
While financial data was not compromised, the nature of the stolen information is still a cause for concern. The hackers now possess details of customers’ spending at these high-end stores. The BBC has reported that some of the affected customers were high spenders, with some individuals spending as much as $86,000. This makes them potential targets for further scams and phishing attacks, as the leaked data could be used to craft highly personalized and convincing fraudulent messages.
The luxury retail sector has become a frequent target for cybercriminals due to the valuable data they hold. This incident highlights the ongoing risk posed by sophisticated hacking groups like Shiny Hunters. As a result, consumers of these brands should be vigilant against any suspicious communications and consider changing their passwords to enhance their personal security.
Reference:
