Unauthorized individuals have managed to pilfer millions of user personal data from the digital stores of luxury fashion brands Gucci, Balenciaga, and Alexander McQueen.
Kering Suffers Data Breach: Shiny Hunters Expose 7.4 Million Email Addresses
Luxury fashion company Kering has confirmed a data breach that occurred in April 2021. The incident, which exposed personally identifiable information (PII) for an estimated 7.4 million unique email addresses, was the work of the hacker group Shiny Hunters.
According to reports, Shiny Hunters exploited stolen API tokens and misused OAuth scopes to harvest credentials from other major firms. The attacker gained unauthorized access via compromised internal credentials, likely through a phishing campaign targeting Salesforce SSO portals.
The stolen dataset includes email addresses, full names, phone numbers, shipping addresses, and a "Total Sales" field indicating each customer's cumulative spending. However, no credit card numbers or bank account details were exfiltrated.
Kering has notified relevant data protection authorities under GDPR Article 33 and has been communicating directly with affected customers via email. The company denies any paid negotiations with Shiny Hunters and maintains that its direct notification obligations have been met.
Security experts warn that leaked PII combined with customer spend profiles could facilitate secondary intrusions such as account takeover or SIM swapping. They recommend remaining vigilant against unsolicited calls or emails demanding urgent action to thwart follow-on fraud.
Recommended mitigations include enabling multi-factor authentication (MFA) on all accounts, using unique, randomly generated passwords, monitoring credit reports, and setting up alerts for suspicious activity. Victims should also assume that scammers may impersonate legitimate organizations using stolen PII.
The pattern of Shiny Hunters' Tactics, Techniques, and Procedures (TTPs) includes credential theft via social engineering, abuse of third-party CRM integrations, and exfiltration through encrypted channels. Google's Threat Analysis Group attributes a similar campaign tracked as UNC6040 to Shiny Hunters.
It's not explicitly stated which other firms may have been targeted by Shiny Hunters, but it is known that other companies like Marks & Spencer and Louis Vuitton have also been victims of hacker attacks this year.
In June, Kering confirmed a cyberattack in which customer data was stolen and immediately informed the relevant EU authorities and the affected customers. The company states that no financial data was compromised.
As a precaution, the National Cyber Security Centre advises resetting passwords and reviewing account recovery settings for all email and e-commerce profiles. Stay safe and secure!
Read also:
- Investment of $20 million in strategy by the Aqua 1 Foundation of the UAE in Above Food
- Developing Apps in the Future: Key Insights for You
- Progress in Assistance: A Leap in User Aid
- Unveiling Digital Miscreants: The Identities of Cyber Criminals Targeting Russian Businesses and Strategies to Escape their Digital Traps
