Zoonop

Kering Data Breach Exposes Millions of Luxury Customer Records, Spending Habits

Image for Kering Data Breach Exposes Millions of Luxury Customer Records, Spending Habits

Paris, France – Kering, the French luxury conglomerate behind brands such as Gucci, Balenciaga, and Alexander McQueen, has confirmed a significant data breach that exposed personal details and spending histories of potentially millions of its customers. The incident, attributed to the hacker group "Shiny Hunters," was identified by Kering in June 2025, though the attackers claim to have accessed systems as early as April.

Kering stated that the stolen data includes customer names, email addresses, phone numbers, home addresses, and dates of birth. Crucially, the breach also compromised "Total Sales" metrics, revealing how much individual customers have spent across Kering's luxury houses, with some figures reportedly reaching up to $86,000. The company emphasized that no financial information, such as bank account numbers or credit card details, was compromised.

The hacker group, Shiny Hunters, claims to have obtained data linked to 7.4 million unique email addresses. According to reports, the group offered samples of the stolen data, including spending records, to media outlets as proof. Kering has publicly stated its refusal to engage in ransom negotiations with the attackers, aligning with law enforcement guidance.

Cybersecurity experts warn that even without financial data, the exposure of personal details combined with detailed spending habits poses a significant risk. High-net-worth individuals, who constitute a large portion of luxury brand clientele, could become targets for sophisticated phishing, social engineering scams, and identity fraud. This incident underscores the increasing vulnerability of the luxury sector to cyber threats.

The Kering breach is part of a broader wave of cyberattacks targeting high-end brands in 2025, with other luxury players like Louis Vuitton and Cartier also reporting similar incidents. Kering confirmed that it has secured its affected systems, notified relevant authorities, and is informing impacted customers in accordance with local regulations.