Hackers continue to attack luxury websites This time, Kering customers were targeted

After a series of attacks this summer that targeted brands like Dior, adidas, Tiffany&Co., Cartier, and Louis Vuitton, fashion hackers strike again. This time, the target of the cyberattacks was Kering, a French group owning maisons such as Gucci, Balenciaga, and Alexander McQueen. The main reason behind these crimes is the theft of customers' personal data registered with these brands, who share sensitive information with shopping sites, including their financial data.

Among Kering’s clients are certainly high-profile individuals, considering the luxury brands it owns; it is therefore clear why cybercriminals would want to discover information about them. According to The Guardian, the cyberattacks on Kering may have stolen information of millions of customers, including names, phone numbers, and email addresses. The company stated that the breach occurred in June, but no financial information, such as customers’ credit card numbers or bank account numbers, was stolen.

On Telegram, a messaging app that offers advanced privacy and anonymity features, last month examples of data stolen during the attack on Kering’s site emerged, including information of some Gucci customers shared openly on a social media channel. Some examples even included their in-store spending, with amounts exceeding tens of thousands of dollars. But after Cartier, Louis Vuitton, and now Kering brands, fashion is not the only victim of cyberattacks: The Guardian reports that in England, besides the multistore Harrods, supermarkets such as Co-op and M&S have also been attacked.

Cybercrime is becoming increasingly sophisticated, and according to the Global Retail Report 2025 by KnowBe4, it now represents one of the main threats to the retail sector. Credential theft, often carried out through phishing attacks, has this year surpassed payment card data theft. Cyberattacks in the retail sector, now among the five most targeted globally, increased by 56% compared to 2023. The situation worsened further in 2024: the average cost of a data breach in retail reached 3.48 million dollars, up 18% from 2.96 million in 2023.

The KnowBe4 study emphasizes the importance of reducing the so-called “human risk.” Many attacks actually result from human errors, such as falling victim to phishing. Research shows that employee training is among the most effective strategies to prevent data breaches. Protecting consumer credentials and investing in staff training will therefore become increasingly crucial to defend against the rise of cyberattacks. With the evolution of AI and other technologies, such cyberattacks could become even more frequent.