Luxurious style big Louis Vuitton confirmed that breaches impacting clients within the UK, South Korea, and Turkey stem from the identical security incident, which is believed to be linked to the ShinyHunters extortion group.
Since final week, the retailer has been notifying clients that their information was uncovered in a data breach, first in South Korea, then in Turkey, and on Friday in the UK.
“Regardless of all security measures in place, on July 2, 2025, we turned conscious of a private data breach ensuing from the exfiltration of sure private information of a few of our shoppers following an unauthorized entry to our system,” reads Louis Vuitton’s data breach notifications despatched to clients.
“We wish to guarantee you that our cybersecurity groups have taken care of the incident with the utmost diligence and a spotlight. Technical measures have been instantly taken to include the incident after its occurence, notably by blocking the unauthorized entry.
“Louis Vuitton groups are mobilized to cooperate with the competent authorities which have been notified, together with the Info Commissioner’s Workplace (the ICO).”
Supply: Teytey2022 (Reddit)
In an announcement to BleepingComputer, Louis Vuitton confirmed that no cost info was compromised from the database accessed through the incident.
The corporate additional acknowledged that it’s working with cybersecurity consultants to research the incident and has begun notifying related regulators.
When requested if the breach notifications within the completely different areas are linked to the identical security incident, BleepingComputer was instructed that their assertion applies to all notifications despatched to shoppers.
This incident follows comparable breaches disclosed by Tiffany & Co. in April and Home of Dior in Could, affecting clients in South Korea.
When BleepingComputer requested if the Louis Vuitton and Dior breaches have been a part of the identical cyberattack, a LVMH spokesperson mentioned there was no further info they may share right now.
Nevertheless, sources have instructed BleepingComputer that the LVMH breaches are linked to an assault by the ShinyHunters extortion group, which gained entry and stole information from a third-party vendor’s database.
This similar assault can also be believed to be tied to a data breach at Adidas disclosed in Could that additionally impacted clients from South Korea and Turkey.
ShinyHunters is a prolific risk actor tied to quite a few information theft campaigns, together with these towards Salesforce and PowerSchool, in addition to the SnowFlake assaults, which impacted Santander, Ticketmaster, AT&T, Advance Auto Elements, Neiman Marcus, and Cylance.
Final month, French police arrested 5 operators of the BreachForum cybercrime discussion board, which included ShinyHunters members, who had helped re-launch the hacking discussion board.
Nevertheless, it’s believed that different members of the group are nonetheless at giant, so different assaults might seem underneath that alias sooner or later.
BleepingComputer contacted Louis Vuitton to ask if ShinyHunters was behind its breach however didn’t obtain a response right now.
Whereas cloud assaults could also be rising extra subtle, attackers nonetheless succeed with surprisingly easy strategies.
Drawing from Wiz’s detections throughout 1000’s of organizations, this report reveals 8 key strategies utilized by cloud-fluent risk actors.
