Kering data breach exposes 7.4m luxury customers’ details & spend
Luxury goods conglomerate Kering has confirmed a significant data breach affecting customers of its flagship brands Gucci, Balenciaga, and Alexander McQueen. According to multiple cybersecurity experts, the breach resulted in the theft of personal details belonging to approximately 7.4 million customers, including their email addresses and, notably, detailed spending data.
The breach, which reportedly took place in April 2025, was only revealed recently when the hackers chose to publicise the incident. The hackers' decision to go public has brought renewed scrutiny to the rising threat of cyberattacks targeting high-profile retail groups, especially those catering to high-net-worth clientele. While the initial event happened several months ago, public awareness was delayed - mirroring similar patterns observed in other recent cyberattacks, such as the attack on M&S.
Ade Clewlow MBE, senior advisor at cybersecurity consulting firm NCC Group, outlined the scale and implications of the breach. He stated, "The cyber attack on Kering is another demonstration of the target on retailers' backs. Although the data breach took place in April 2025, around the time of the M&S hack, it has only become public knowledge months later thanks to the hackers publicising their work. This drives home the fact that a ransomware attack isn't just a momentary disruption – it can be a battle that takes months and drains time, resources, and resilience."
Clewlow also commended Kering's decision to refuse a ransom payment to the attackers. "It's positive to see that Kering refused the ransom payment. We would never advise paying a ransom, as it essentially funds organised crime and there is no guarantee that the criminals would hold up their side of the deal, whether that is deleting data or giving it back." He cautioned, however, that such situations often arise when preventative cybersecurity investments have not been prioritised. "Unfortunately though, this is the difficult situation that many businesses find themselves in when they fail to invest in preventative measures."
The exposure of information relating to luxury brand customers - including high-net-worth individuals - raises particular concerns about targeted cyberattacks. Clewlow warned, "High-net-worth individuals face significant risk after Kering's data breach exposed detailed records of Gucci, Balenciaga, and Alexander McQueen customers, including spend data. Customers should therefore be hyper-vigilant to phishing attempts seeking personal information, online credentials, or payment of any kind."
Cybersecurity professionals say that retail groups, particularly those with large amounts of customer data and a prominent public profile, are increasingly in the crosshairs of sophisticated attacks. Spencer Young, SVP EMEA at cybersecurity company Delinea, commented, "Today's breach, impacting millions of customers across Gucci, Balenciaga, and Alexander McQueen, is a stark reminder that ransomware and data theft have evolved into a shape-shifting, AI-enabled threat that no business can afford to underestimate."
Young emphasised that attackers now deploy advanced artificial intelligence techniques to breach even the most well-defended systems. "In order to combat the sophistication of today's attacks, organisations must fight AI with AI and embrace proactive, identity security strategies like zero trust architecture, Privileged Access Management and continuous credential monitoring to protect customer data and prevent reputational damage."
Industry analysts note that the luxury sector is particularly vulnerable to cyberattacks, given the profile and net worth of its clientele. Data such as spending habits and contact details can be used in targeted phishing campaigns or even identity theft, placing a premium on preventative cybersecurity strategies. Both Clewlow and Young advocate for greater investment in cybersecurity defences, recommending regular security audits and continuous employee training to spot and prevent attacks.
As authorities continue to investigate the breach, Kering faces the challenge of reassuring customers that their data is safe and instituting measures to prevent future incidents. For customers, industry leaders strongly advise heightened vigilance for suspicious activity or communication, and urge all to take immediate steps to strengthen passwords and enable multi-factor authentication wherever possible.
This incident is a reminder to companies across all sectors that cyber threats are evolving rapidly and that maintaining robust preventative systems is no longer optional, but a business imperative.