Gucci, Balenciaga and Alexander McQueen customer data stolen by cyber hackers

Share

Cyber criminals have reportedly stolen the private data of millions of customers of luxury brands Gucci, Balenciaga and Alexander McQueen in a significant breach.

The attack, which targeted parent company Kering, has compromised sensitive information, including customer names, email addresses, phone numbers and home addresses. A particularly concerning detail is the “Total Sales” figure, which reveals how much money each customer has spent at the luxury stores, with some victims having spent tens of thousands of dollars.

The hacker, operating under the name Shiny Hunters, claims to have stolen data linked to 7.4 million unique email addresses. A small sample of the data shared with the BBC appeared genuine and showed that some high-spending customers had spent over $10,000, with a handful having spent as much as $86,000. This information is a major concern as it could make these high-value customers prime targets for future scams or secondary hacks.

Kering has confirmed the breach, which occurred in April, and stated that it has already notified the relevant data protection authorities. The company confirmed that no financial information, such as credit card details, was compromised during the incident. A spokesperson for Kering stated: “In June, we identified that an unauthorized third party gained temporary access to our systems and accessed limited customer data from some of our Houses.”

Shiny Hunters told the BBC that they breached the company through Kering and were in negotiations for a ransom to be paid in Bitcoin, a claim that Kering denies. The company maintains that it has refused to pay the ransom in line with law enforcement advice.

This breach is part of a wave of recent attacks on luxury brands, which also saw Cartier and Louis Vuitton disclose data breaches to their customers. It is not known if these other attacks are linked to Shiny Hunters.

For customers concerned that their information may have been stolen, cybersecurity experts advise staying vigilant for suspicious emails, messages, or phone calls. It is recommended to change your passwords and use two-factor authentication where possible. The National Cyber Security Centre suggests creating passwords made of three random words for increased security.

For latest tech stories go to TechDigest.tv