Key Facts
• On September 15, Kering confirmed a cyberattack leading to customer data exposure.
• The breach was discovered in June 2025, affecting limited customer data.
• No financial or government-issued ID information was compromised.
• Kering brands like Yves Saint Laurent and Balenciaga were impacted.
• Affected brands notified authorities and customers immediately.
• Security measures were enhanced to prevent future breaches.
• In April 2025, Marks & Spencer faced a four-month disruption due to a cyberattack.
• Jaguar Land Rover also experienced operational issues from a recent attack.
• Hacker group ShinyHunters claimed responsibility via Telegram, but their identity remains unverified.
Summary
French luxury goods company Kering, owner of Gucci, announced on September 15, 2025, that a cyberattack exposed limited customer data. The breach, discovered in June, did not include sensitive financial or government-issued ID information. Brands like Yves Saint Laurent and Balenciaga were affected, with authorities and customers promptly informed. Kering has since implemented enhanced security measures. This incident is part of a broader trend of cyberattacks targeting European retailers, including Marks & Spencer and Jaguar Land Rover earlier this year. Hacker group ShinyHunters claimed responsibility, though their identity remains unverified.
