Gucci, Balenciaga and Alexander McQueen Have Been Pwned And The Details Of Millions Have Been Swiped

Cyber criminals have stolen the private details of potentially millions of Balenciaga, Gucci and Alexander McQueen customers in an attack. The stolen data includes names, email addresses, phone numbers, addresses and the total amount spent in the luxury stores around the world.

Brian Higgins, Security Specialist at Comparitech, had this to say:

“This is a rather alarming step in a growing trend of attacks on high value retail brands. Aside from all of the usual advice surrounding digital security measures, the most obvious threat to customers here lies in the value of the stolen data. Regardless of whether or not financial information has been compromised, the potential aggregation of names, addresses and overall spend could provide a significant target list for further cyber or indeed real-life criminality. One would hope that those most affected have the resources to target-harden their virtual and physical security but the threat should not be ignored. In the majority of data theft cases changing passwords, monitoring online activity and boosting cybersecurity is sufficient to ride out the threat. I would suggest that in this case more offline measures are appropriate too.” 

Chris Hauk, Consumer Privacy Champion at Pixel Privacy, follows with this:

“Unfortunately, cyber-attacks on retailers are on the increase. While Kering refuses to say how many customers were affected by the data breach, the bad actors behind the attack, Shiny Hunters, claim to have harvested data linked to 7.4 million email addresses, meaning the number of customers affected by the breach is easily in the millions. Since this information includes names, email addresses, phone numbers, addresses and the total amount spent in Balenciaga, Gucci and Alexander McQueen stores around the world, the data could be used for phishing attacks, and could be sold for a nice piece of change to other bad actors.”

“Customers affected by the hack need to stay alert for suspicious texts, emails, and other communications, claiming to be from a Kering-owned store, the customer’s bank, and other organizations. Customers should immediately change the password on related accounts and should enable two-factor authentication if available. Actually, they should do this for all of their online accounts.”

Roger Grimes, data-driven defense evangelist at KnowBe4, commented:

“The biggest risk to individual customers is that a very targeted spear phishing attack can be used that more realistically tricks a potential victim into thinking they are dealing with someone legitimate. A very common scheme is for a scammer to pretend to be one of the legitimate brands, and get the potential victim to provide updated credit card information under the guise that their existing or old credit card information must be quickly updated or else they will be at great likelihood to lose money. By the scammer having access to the user’s past history, they can include real details that happened in the past to make potential victims think they are dealing with the legitimate vendor and be more likely to fall for scams.”
