Gucci, Balenciaga hacked, data breach exposes 7.4 million customer records

Luxury fashion giants Gucci, Balenciaga and Alexander McQueen have suffered a major data breach, with cybercriminals stealing the personal details of millions of customers worldwide.

The attack, confirmed by parent company Kering, exposed names, email addresses, phone numbers, postal addresses and even records of how much individuals had spent at the brands’ stores. No financial details, such as bank or card information, were compromised, as reported by BBC.

Read More: IPS officer issues cyber alert amid Google Gemini's Nano Banana AI craze

According to a report by the BBC, the hacker behind the breach — who calls themselves Shiny Hunters — claims to have accessed data linked to 7.4 million unique email addresses. A sample dataset reviewed by the broadcaster contained thousands of seemingly genuine customer records, including spending histories. Some clients were shown to have spent more than $10,000, with a handful exceeding between $30,000 and $86,000. Experts warn that such information could make high-spending customers prime targets for further scams or cyberattacks.

The breach took place in April, with Shiny Hunters telling the BBC via Telegram that they infiltrated Kering’s systems and later approached the French conglomerate to negotiate a ransom in Bitcoin. Kering has strongly denied engaging in any such negotiations, stressing that it has adhered to law enforcement guidance by refusing to pay.

Read More: 'Hackers are trying to create better hacks', says Krafton

Kering confirmed that affected customers have been notified directly by email, as required by data protection regulations, though it has not publicly disclosed the exact number of individuals impacted. A spokesperson said: “We identified that an unauthorised third party gained temporary access to our systems and accessed limited customer data from some of our Houses. No financial information such as bank account numbers, credit card details, or government-issued identification numbers was involved.”

The attack coincided with a wave of cyber incidents targeting luxury brands. Cartier and Louis Vuitton also reported breaches earlier this year, though it remains unclear whether these are linked. Google’s cybersecurity team recently warned about a rise in activity by Shiny Hunters — also tracked as UNC6040 — who are known for tricking employees into handing over login credentials for internal Salesforce systems.

While Kering has involved data regulators and insists it is working to strengthen security, the scale of the breach underscores the growing vulnerability of luxury brands, whose wealthy clientele make them particularly attractive to cybercriminals.

Read More: Cyber-attack halts Jaguar Land Rover production despite £800m digital overhaul