Luxury giant Kering SA, parent of Gucci, Saint Laurent and Balenciaga, says hackers accessed limited customer data in a breach discovered in June.
Why it matters
While no financial or ID details were exposed, hackers claim to hold data tied to 7.4 million email addresses and spending histories — a goldmine for phishing and scam attempts targeting high-spenders.
Key things to know
- Kering told the BBC the breach did not involve bank account numbers, credit card details or government-issued IDs.
- The attackers, calling themselves Shiny Hunters, said they infiltrated Kering’s systems in April.
- They shared a sample dataset with the BBC showing thousands of customer records.
- Among the data: “Total Sales,” which indicates how much a customer has spent across Kering’s brands.
- “No financial information … was involved in the incident,” Kering told the BBC.
- Shiny Hunters claim they demanded ransom in Bitcoin but say the company refused to negotiate.
- Shiny Hunters have a track record of breaching major corporations and selling data online.
- Cyber experts warn that even without financial details, spending data and emails can be weaponized for tailored scams.
- Luxury brand customers, particularly high spenders, are prime targets for such attacks.
Kering says it continues to investigate and reinforce its security systems, while refusing to pay ransom demands.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
