Blog Details

Replace 7/17/25: Updated story with hyperlinks to breach notifications for Italy and Sweden as effectively.

Luxurious vogue large Louis Vuitton confirmed that breaches impacting potentialities within the UK, South Korea, and Turkey stem from the identical safety incident, which is believed to be linked to the ShinyHunters extortion neighborhood.

Since final week, the retailer has been notifying potentialities that their files became uncovered in a files breach, first in South Korea, then in Turkey, and on Friday within the UK. After publishing, BleepingComputer learned that notifications also went to potentialities in Italy and Sweden.

“Despite all security measures in place, on July 2, 2025, we became aware of a personal data breach resulting from the exfiltration of certain personal data of some of our clients following an unauthorized access to our system,” reads Louis Vuitton’s files breach notifications despatched to potentialities.

“We would really like to guarantee you that our cybersecurity groups be pleased sorted the incident with the utmost diligence and consideration. Technical measures were straight away taken to be pleased the incident after its occurence, notably by blocking the unauthorized accumulate true of entry to.

“Louis Vuitton teams are mobilized to cooperate with the competent authorities which have been notified, including the Information Commissioner’s Office (the ICO).”

In an announcement to BleepingComputer, Louis Vuitton confirmed that free of price knowledge became compromised from the database accessed at some level of the incident.

The firm additional acknowledged that it is working with cybersecurity consultants to compare the incident and has begun notifying relevant regulators.

When requested if the breach notifications within the hundreds of regions are linked to the identical safety incident, BleepingComputer became knowledgeable that their enlighten applies to all notifications despatched to customers.

This incident follows equivalent breaches disclosed by Tiffany & Co. in April and Apartment of Dior in Also can, affecting potentialities in South Korea.

When BleepingComputer requested if the Louis Vuitton and Dior breaches were half of the identical cyberattack, a LVMH spokesperson acknowledged there became no additional knowledge they’ll piece at present.

Nonetheless, sources be pleased knowledgeable BleepingComputer that the LVMH breaches are linked to an attack by the ShinyHunters extortion neighborhood, which obtained accumulate true of entry to and stole files from a third-party vendor’s database.

This identical attack would perhaps be believed to be tied to a files breach at Adidas disclosed in Also can that also impacted potentialities from South Korea and Turkey.

ShinyHunters is a prolific menace actor tied to a large preference of knowledge theft campaigns, including those in opposition to Salesforce and PowerSchool, in addition to to the SnowFlake assaults, which impacted Santander, Ticketmaster, AT&T, Advance Auto Aspects, Neiman Marcus, and Cylance.

Last month, French police arrested five operators of the BreachForum cybercrime forum, which integrated ShinyHunters members, who had helped re-open the hacking forum.

Nonetheless, it is believed that other members of the neighborhood are unruffled at large, so other assaults could well appear below that alias within the long creep.

BleepingComputer contacted Louis Vuitton to rely on if ShinyHunters became within the assist of its breach however didn’t discover a response at present.