Cybercriminals steal details of potentially millions of people in attack on labels’ parent company Kering.
Gucci data breach has exposed names, phone numbers and email addresses of customers, making it one of the most concerning cybersecurity incidents in luxury fashion. Paris-based Kering confirmed the breach happened in June and clarified that no financial information such as bank account numbers, credit card details, or government-issued IDs, was compromised.
Luxury Brands Targeted in Growing Cyber Threat Landscape
Hackers accessed customer details from Kering’s brands, including Gucci and Balenciaga, in what is now being widely referred to as the Gucci data breach.
Kering said on Monday: “In June 2025, we identified that an unauthorized third party gained temporary access to our systems and accessed limited customer data from some of our [fashion] houses. Our houses immediately disclosed the breach to the relevant authorities and notified customers according to local regulations. The breach was promptly identified, and appropriate actions have been taken to secure the affected systems and prevent such incidents in the future.”
The attackers have been identified as a ransom-seeking group known as Shiny Hunters. According to DataBreaches.net, samples of the Gucci data breach were posted on Telegram channels last month, revealing names, email addresses and dates of birth of some Gucci customers. The BBC, which first reported the breach, stated that some samples also showed customers’ spending habits, with purchases in some cases exceeding $86,000 (£63,000). Shiny Hunters claimed responsibility and stated that the breach had occurred in April.
The Gucci data breach at Kering follows a growing trend of cyber threats targeting luxury brands. In July 2025, Louis Vuitton also confirmed that customer data had been compromised by hackers. These incidents add to a series of recent cybersecurity attacks affecting major British companies, such as Marks & Spencer, the Co-op and Harrods. The increasing frequency and sophistication of such breaches highlight the urgent need for stronger cybersecurity defenses, particularly in industries handling large volumes of customer information.
Ransom-Seeking Groups Exploit Customer Data for Financial Gain
Shiny Hunters posted Gucci data breach samples online, prompting stronger cybersecurity measures across industries.
The Gucci data breach illustrates how cybercriminal groups are leveraging stolen personal information to extract ransom payments or gain financial leverage. Even when financial data like credit card numbers are not stolen, access to sensitive customer details—such as emails and phone numbers—can lead to identity theft, targeted phishing attacks and reputational damage.
Experts emphasize that such attacks are becoming more advanced, with cybercriminals using both automated tools and social engineering techniques to infiltrate systems. In this case, Shiny Hunters’ use of Telegram channels to share stolen data shows how cybercrime networks are exploiting communication platforms to distribute sensitive information quickly and efficiently.
In response to the Gucci data breach and other attacks, many organizations are investing more in cybersecurity infrastructure, including multi-factor authentication, real-time monitoring and employee training. Companies handling customer data are also refining protocols for breach notification, ensuring compliance with local and international data protection laws.
For students and professionals in the field of cybersecurity, understanding the methods and motivations behind such attacks is essential. Learning how ransom groups operate, how breaches occur and how mitigation strategies are applied equips individuals to better protect sensitive information across industries. The Gucci data breach serves as a case study in how even highly secure sectors like luxury fashion are vulnerable to cyber threats—and how preparedness and vigilance remain critical.
Also Read : North Korean Hackers Use AI-Assisted Deepfake ID in Cyber Attack
