Louis Vuitton confirms global cyberattack caused regional data breaches
▼ Summary
– Louis Vuitton confirmed a data breach affecting customers in the UK, South Korea, Turkey, Italy, and Sweden, linked to the same security incident.
– The breach, discovered on July 2, 2025, involved unauthorized access to customer data, but no payment information was compromised.
– Louis Vuitton has taken technical measures to contain the breach and is cooperating with authorities, including the UK’s ICO.
– Sources suggest the breach is tied to the ShinyHunters extortion group, which also targeted Adidas and other LVMH brands like Dior and Tiffany & Co.
– ShinyHunters, a prolific hacking group, recently had members arrested, but others remain active and may continue attacks.
Louis Vuitton has confirmed a global cyberattack that led to customer data breaches across multiple countries, with evidence pointing to the notorious ShinyHunters hacking group as the likely culprit. The luxury brand began notifying affected customers last week, starting with South Korea, followed by Turkey, the UK, Italy, and Sweden.
According to official breach notifications, unauthorized access to Louis Vuitton’s systems on July 2, 2025, resulted in the theft of personal client data. The company assured customers that its cybersecurity teams acted swiftly to contain the incident, blocking further unauthorized access and collaborating with regulatory authorities, including the UK’s Information Commissioner’s Office (ICO).
Importantly, no payment details were compromised, though the exact nature of the stolen data remains unclear. Louis Vuitton stated it is working with cybersecurity specialists to investigate the breach and has begun notifying regulators in affected regions.
This incident mirrors recent cyberattacks on other high-profile brands under the LVMH umbrella, including Tiffany & Co. and Dior, both of which suffered breaches earlier this year. While Louis Vuitton has not confirmed a direct connection between these incidents, sources suggest the attacks may be linked to ShinyHunters, a well-known cybercriminal group specializing in large-scale data theft.
The same group has been tied to breaches at major corporations like Adidas, Salesforce, and Ticketmaster, exploiting vulnerabilities in third-party vendor systems. Despite recent arrests of several BreachForum members, including some affiliated with ShinyHunters, experts warn that the group remains active, raising concerns about future attacks.
Louis Vuitton has yet to officially attribute the breach to ShinyHunters, and further details on the investigation are pending. Customers in affected regions are advised to monitor their accounts for suspicious activity and consider additional security measures such as two-factor authentication and credit monitoring.
As cyber threats continue to target global brands, this incident underscores the growing need for enhanced digital security protocols across the luxury retail sector.
(Source: BLEEPING COMPUTER)
