Luxury fashion giant Louis Vuitton has confirmed a global cyber attack linked to the notorious cybercrime group ShinyHunters.
“Despite all security measures in place, on July 2, 2025, we became aware of a personal data breach resulting from the exfiltration of certain personal data of some of our clients following an unauthorized access to our system,” the company told impacted customers.
Upon discovering the intrusion, Louis Vuitton notified law enforcement agencies and the Information Commissioner’s Office.
“Louis Vuitton teams are mobilized to cooperate with the competent authorities which have been notified, including the Information Commissioner’s Office (the ICO),” the company said.
Louis Vuitton responds to a cyber attack
The luxury giant said it implemented technical measures to contain the incident and terminate the threat actor’s access.
It also disclosed that the cyber attack leaked the personal information of customers in South Korea, Turkey, the United Kingdom, Italy, and Sweden.
However, information on which personal details were compromised during the cyber attack remains unreported or undetermined. The identity of the threat actor and whether a ransom demand was made also remain a unreported. The attack vector exploited also remains unknown at the moment.
No cybercrime gang has taken responsibility for the cyber attack, and it remains unclear if ransomware was involved.
Nonetheless, Louis Vuitton says that an investigation is ongoing and therefore more information may soon become available. Typically, details regarding data breaches could take weeks or months to become available.
While the overall number of victims impacted remains unknown, Turkish officials reported that 142,995 people living in the country were affected.
Similarly, Louis Vuitton South Korea reported that the cyber attack leaked the names, contact information, and other customer details. Additionally, no financial information, such as credit cards or bank account information, was compromised during the cyber attack, according to Bloomberg News.
South Korean and Turkish cyber incidents notifications also suggest that the threat actor had maintained access to compromised systems for nearly one month before they were detected.
Meanwhile, the cybercrime group ShinyHunters attributed to the Louis Vuitton hack was responsible for the cyber attack on Adidas that affected customers in South Korea and Turkey.
Other companies victimized by ShinyHunters include AT&T, Salesforce, PowerSchool, Ticketmaster, Neiman Marcus, and Advance Auto Parts.
Recently, French authorities arrested several suspected operators of the BreachForums underground hacking forum of which some ShinyHunters hackers are members.
Retailers under attack
Louis Vuitton is a LVMH brand, of which members the House of Dior and Tiffany have experienced data breaches resulting in the leak of personal information belonging to customers and employees.
Similarly, other retailers such as Marks & Spencer, Victoria’s Secret, and The North Face have reported cyber incidents potentially related to an ongoing campaign targeting renowned brands.
Recently, British law enforcement authorities, working with their international partners and victim organizations, arrested four suspected members of the Scattered Spider cybercrime gang. The group is suspected of targeting U.K. retailers Marks & Spencer, Harrods, and the Co-op. U.S. retailers were also warned that the cybercrime gang could soon start targeting them.
