Gucci's Parent Company Is Latest Victim of ShinyHunters Cyberattack

Don't miss out on our latest stories. Add PCMag as a preferred source on Google.

Kering, the parent company of luxury brands such as Gucci, Balenciaga, Yves Saint Laurent, and others, has fallen victim to a ShinyHunters cyberattack, the latest in a string of high-profile breaches by the hacking group. The incident marks the fourth major breach carried out by ShinyHunters in recent months, following similar attacks on Salesforce systems used by Adidas and Google.

According to reports, Kering was breached in April, with hackers gaining temporary access to customer data from some of its houses. A ransom demand was made in June, but the company reportedly turned down the offer and secured its IT systems to prevent further unauthorized access.

The breach has resulted in the leak of sensitive information for nearly 7.4 million customers, including names, email addresses, phone numbers, addresses, and expenditure data. While no financial information such as bank account numbers or government-issued identification numbers were compromised, Kering has urged all affected customers to be cautious and monitor their credit statements closely.

ShinyHunters revealed details of the attack through a Telegram chat with the BBC, highlighting the group's brazen tactics. In a statement, Kering acknowledged that an unauthorized third party had accessed limited customer data but emphasized that no financial information was involved.

"In June, we identified that an unauthorized third party gained temporary access to our systems and accessed limited customer data from some of our Houses," said a Kering spokesperson. "No financial information—such as bank account numbers, credit card information, or government-issued identification numbers—was involved in the incident."

The breach has sparked concerns about the security of luxury brands' customer data, with experts warning that hackers may attempt to impersonate banks and financial institutions to trick victims into providing sensitive banking details.

What You Need to Know

  • ShinyHunters have breached Kering's Salesforce systems, compromising the data of nearly 7.4 million customers.
  • No financial information was involved in the breach, but affected customers are urged to monitor their credit statements closely.
  • Kering turned down a ransom demand made by ShinyHunters and secured its IT systems to prevent further unauthorized access.
  • Experts warn that hackers may attempt to impersonate banks and financial institutions to trick victims into providing sensitive banking details.

Protect Yourself from Cyberattacks

If you have been notified of a breach or suspect that your personal data has been compromised, take the following steps:

  • Monitor your credit statements closely for any suspicious activity.
  • Beware of calls or emails from banks or financial institutions claiming to be from legitimate sources.
  • Keep your personal and financial information up to date and secure.

Stay Informed with PCMag

Don't miss out on the latest news and updates on cybersecurity and technology. Follow us for expert advice, tips, and guides to help you stay safe online.