Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
Luxury retailer and designer brand Louis Vuitton has revealed that a cyber attack on its network led to unauthorised system access and the theft of UK customer data.
In an email to customers, LVMH Moët Hennessy Louis Vuitton SE said that on 2 July, threat actors breached the British systems of Louis Vuitton.
During the breach, the threat actors accessed data, including names, contact details and purchase history.
However, Louis Vuitton has confirmed that no financial data, such as bank details, had been exfiltrated in the incident.
“While we have no evidence that your data has been misused to date, phishing attempts, fraud attempts, or unauthorised use of your information may occur,” the email said.
The company added that it had notified relevant authorities of the breach.
The threat actor behind the incident has not been publicly identified, nor have any threat actors taken responsibility publicly for the breach. It is currently unclear who launched the cyber attack or what the nature and scope of the incident are.
The cyber attack closely follows a similar attack on Louis Vuitton’s Korean operations, as well as two breaches on the second-largest fashion label under the LVMH brand, Christian Dior Couture, back in May.
On 15 May, Dior disclosed that it had detected unauthorised activity on its systems and that it is dealing with a cyber incident.
“The House of Dior recently discovered that an unauthorised external party accessed some of the data we hold for our Dior Fashion and Accessories customers,” Dior said.
“We immediately took steps to contain this incident. The teams at Dior, supported by leading cyber security experts, continue to investigate and respond to the incident.”
Dior explicitly stated that the unauthorised third party did not access any bank account or payment card information, as that data was stored in a different database.
“We are working to notify relevant regulators and customers in line with applicable law. The confidentiality and security of our customers’ data is an absolute priority for the House of Dior,” the company said.
The recent attacks follow a wave of breaches of retailers in the UK and then the US, believed to have been conducted by the Scattered Spider or DragonForce ransomware threat actors.
Just last week, UK authorities announced that they had arrested three males – two of whom are aged 19 and one is 17 – and one female aged 20, who were suspected of breaching the Computer Misuse Act for money laundering, blackmail and participating in organised crime, and are believed to be connected to the Scattered Spider hacking collective.
The suspected criminals were arrested at home and are being detained in London and the West Midlands of England after having their devices seized. They are currently being questioned by the NCA’s National Cyber Crime Unit as part of an investigation into the breach.
Be the first to hear the latest developments in the cyber industry.
