Gucci, Balenciaga and Alexander McQueen data stolen

Cyber criminals stole personal details from millions of Gucci, Balenciaga and Alexander McQueen clients in a ransomware attack on their parent company Kering.
The luxury group confirmed that in April hackers obtained “temporary access” to its system and accessed customer records, although it insisted that no financial information such as card or bank details was stolen.
The stolen data includes names, email addresses, phone numbers, home addresses and the total amount each customer has spent in stores. The hackers behind the breach call themselves Shiny Hunters and claim to hold data related to 7.4 million email addresses, suggesting a similar number of victims.
Kering said the affected customers had been contacted directly, although it has not revealed how many people were affected. Legally, if a company notifies the affected individuals itself, it does not need to make a public statement, but the scale of the breach has caused alarm throughout the industry.
A small portion of the stolen data shared with the BBC includes thousands of customer records showing spending habits. Some customers spent $10,000, while others were tagged at $86,000. Experts warn that this could expose high-spending customers to targeted scams or phishing attacks.
“While there is no detailed information for a card or ID card, the exposure of names, contact information and purchase history poses serious risks. This type of data can reveal who your most valuable clients are, enabling cybercriminals to be targeted for compelling fantasy campaigns or for fraud.”
Shiny Hunters said they contacted Kering in June to demand a Bitcoin ransom, but the company denied participating in the negotiations, saying it followed law enforcement advice and refused to pay.
“In June, we determined that unauthorized third parties had access to our system and had limited access to customer data from some of our homes,” a Kering spokesperson said. “No financial information (such as bank account numbers, credit card information or government-issued IDs) was involved in the incident.”
Kering added that its IT system has been secured and that regulators have been notified.
The breach comes amid a wave of cyberattacks on luxury retailers. Cartier and Louis Vuitton also disclosed customer data breaches earlier this year.
Shiny Hunters is also tracked by Google as UNC6040 and is linked to a phishing intrusion into Salesforce systems. The group has previously targeted technology companies and government contractors.
Google itself warned in June that the same collective was tricking employees into handing over login details.
White said the Kering breach is a “wake-up” for the industry: “Businesses are often focused on ensuring payment details, but underestimate the value of other CRM data (from purchase history to loyalty activities).
Whether you are a global fashion house or a local retailer, investing in strong security and transparent communication is not just a legal obligation, but the way you protect customers’ trust and protect your brand reputation.”
As online sales and app-based retail continue to grow, the luxury industry has become a major target for hackers given its affluent customers and global customer databases.



