Kering Data Breach Hits Gucci and Balenciaga Customers

The Kering data breach has compromised the personal information of 7.4 million customers from luxury brands Gucci, Balenciaga, and Alexander McQueen. Hackers from the group Shiny Hunters claimed responsibility. Kering confirmed the incident in June after first detecting unusual activity.

What Information Was Leaked

The breach exposed customer names, phone numbers, email addresses, home addresses, and purchase histories. Spending records revealed how much clients paid at Kering-owned brands.

Kering emphasized that financial data such as bank accounts, card numbers, and government IDs were not stolen. The company confirmed that the attackers only accessed “limited data.”

How the Breach Happened

Shiny Hunters claim they obtained the dataset in April, months before Kering discovered the intrusion. Reports indicate the attackers stole 7.4 million unique email addresses along with purchase histories.

Kering publicly acknowledged the incident after conducting an internal investigation. The company has since taken steps to strengthen its IT security and reported the breach to regulators.

Risks for Customers

The Kering data breach still creates risks despite financial details remaining secure. Exposed data such as contact information and purchase history can fuel targeted phishing and social engineering campaigns.

Customers with high-value spending records may face greater exposure. Cybercriminals often target wealthy individuals with tailored scams designed to exploit personal details.

Kering’s Response

Kering notified affected customers and data protection authorities. The company announced that it has tightened security protocols to reduce the chance of future incidents.

While Kering continues to monitor its networks, cybersecurity experts warn that the stolen data could circulate for years on criminal forums.

Conclusion

The Kering data breach shows how luxury brands remain prime targets for cybercriminals. Even without stolen credit card details, exposed personal data can fuel phishing attacks and fraud. Kering must strengthen its defenses while customers should remain alert to suspicious emails, calls, or scams tied to their shopping history.