How hackers plunged Gucci, Balenciaga into fashion’s biggest cyber crisis

Global luxury powerhouse Kering, owners of Gucci, Balenciaga, and Saint Laurent, has confirmed it was hit by a devastating cyber-attack that may have compromised the private details of over 7.4 million customers worldwide.

The breach, carried out by notorious hacker Shiny Hunters, has shaken the billion-dollar fashion industry, raising fears that high-spending customers could now be exposed to a new wave of scams and extortion plots.

Kering admitted that an “unauthorized third party” infiltrated its systems in April, accessing sensitive customer data across several of its luxury houses. Although the company insists no banking details, credit cards, or government IDs were leaked, internal files reviewed by the BBC show details of how much customers spent in stores.

And those numbers are eye-popping.

Some victims were shown to have spent over $10,000, while a select few had transactions ranging from $30,000 to $86,000. Experts warn that such information puts them directly in the crosshairs of hackers, fraudsters, and organised crime syndicates.

Despite this, Kering has not made a public announcement, instead choosing to quietly email affected customers. Under French law, the company is not obliged to disclose the scale of the hack if individuals are contacted directly.

But Shiny Hunters who previously targeted Microsoft, Tokopedia, and other global giants told the BBC that they infiltrated Kering in April, later reaching out in June to demand a Bitcoin ransom. Kering, however, flatly denies negotiating with the criminals, saying it stood by law enforcement advice to “never pay.”

“In June, we identified that an unauthorized third party gained temporary access to our systems and accessed limited customer data. No financial information was involved, and we have since secured our IT systems,” a Kering spokesperson said.

The hack comes amid a tsunami of cyber-attacks ripping through the luxury fashion sector. In the same period, Cartier and Louis Vuitton also disclosed breaches. Whether those are linked to Shiny Hunters remains unclear.

Google cybersecurity analysts have since warned that the group tagged internally as UNC6040 is on a hacking spree, using new phishing methods to trick employees into handing over Salesforce login details. Even Google itself fell victim earlier this year.

For now, the threat hangs heavy over Kering and its super-rich clientele. With hackers sitting on millions of data points and hinting at a full leak if demands aren’t met, the fashion house faces the biggest cyber challenge in its history.