
Luxury fashion brand Chanel has suffered a data breach linked to a broader cyberattack campaign targeting customers of Salesforce, a popular cloud-based customer relationship management (CRM) platform.
Chanel says it first detected the breach on July 25th, after attackers accessed a Chanel database hosted by a third-party service provider, according to WWD. Threat actors reportedly exploited stolen login credentials to access customer data managed via Salesforce, bypassing authentication mechanisms using a malicious toolkit known as “MetaDock.”
The incident is part of a broader wave of attacks targeting Salesforce customers through sophisticated phishing and credential-stuffing tactics. Other victims include Adidas, Qantas, Allianz Life, as well as certain LVMH brands.
Salesforce confirmed the breach in a statement to BleepingComputer, saying the attack was limited to users of its platform whose credentials were compromised. Chanel, listed among the affected organizations, has since confirmed that customer data was exposed in the breach.
In its statement, Salesforce emphasized that its systems were not breached and that the attackers gained access only through credentials obtained externally, such as via phishing or reused passwords. The company noted that it has not found evidence of any vulnerability in its platform and is actively working with affected customers to help secure their environments and accounts.
While Chanel did not specify how many individuals were impacted or the nature of the compromised data, similar incidents have previously involved names, contact details, and purchase information.
MetaDock, the tool believed to have enabled the attack, allows threat actors to manipulate browser sessions and access Salesforce environments without triggering multi-factor authentication. The campaign appears to be ongoing, with other global brands reportedly affected.
Salesforce said it is working with impacted customers and has implemented countermeasures to limit further abuse. Chanel noted that it has launched an internal investigation and is notifying affected individuals.
Leave a Reply