CyberInsider

Reliable cybersecurity news and resources

General

Latest News

About

CyberInsider covers the latest news in the cybersecurity and data privacy world. In addition to news, we also publish in-depth guides and resources.
See our Mission >

Gucci, Balenciaga & Alexander McQueen Victims of Major Data Breach via Salesforce Attack

By Leave a Comment
LinkedInReddit

Luxury brands owned by Kering, including Gucci, Balenciaga, Brioni, and Alexander McQueen, have confirmed a data breach stemming from unauthorized access to their Salesforce systems, with millions of customer records reportedly compromised.

According to DataBreaches.net, ShinyHunters claimed responsibility for two significant exfiltrations: approximately 43.5 million records from Gucci and nearly 13 million combined records from Balenciaga, Brioni, and Alexander McQueen. The data includes names, email addresses, dates of birth, sales histories, and addresses, among other personally identifiable information.

Kering has officially acknowledged the breach, stating that an “unauthorized third party” accessed limited customer data in June 2025. In its statement, the company insists that no financial information, such as bank account or credit card numbers, nor national identifiers like social security numbers, were compromised.

The breach’s discovery timeline appears driven by ShinyHunters' outreach rather than internal detection: the hack is said to have occurred months before Gucci or Kering made any public acknowledgment. ShinyHunters presented sample data and chat logs of ransom negotiations; in these, Balenciaga was alleged to have agreed to a ransom of €500,000 but then ceased communication. A small test payment was reportedly made, with evidence found in transaction logs.

ShinyHunters, a prominent hacking group, has repeatedly leveraged Salesforce weaknesses in high-profile breaches across the luxury, travel, and financial sectors, most recently linked to the cyberattack on Vietnam’s National Credit Information Center (CIC).

While Kering claims to have reported the incident to relevant authorities and notified customers in line with local regulations, many questions remain unanswered, including the full number of affected customers, which brands beyond those named may be involved, and the geographic distribution of the data.

CyberInsider has contacted Kering for further comment and will update this article should we receive a response.

If you liked this article, be sure to follow us on X/Twitter and also LinkedIn for more exclusive content.

LinkedInReddit

More from CyberInsider

About Amar Ćemanović

Amar Ćemanović is an experienced editor and trained engineer with a keen eye for detail and a passion for technology. 
Based in Bosnia, Amar specializes in producing high-quality, engaging content. He holds a Master’s degree in engineering, which helps him maintain a meticulous approach to all editorial work. Amar brings a well-rounded knowledge base, covering everything from tech solutions to privacy tools.

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

Share to...
BlueskyBufferCopyFlipboardHacker NewsLineLinkedInMastodonMessengerMixNextdoorPinterestPocketPrintRedditSMSTelegramThreadsTumblrVKWhatsAppXingYummly