Latest effort by the ShinyHunters group sees U.S. customer details breached.
French luxury brand Chanel had U.S. customers' personal contact details exposed following the compromise of a database.
The database, hosted by a third-party service provider, was breached with attackers able to steal U.S. clients' names, mailing addresses, email addresses, and phone numbers, reports BleepingComputer.
Despite a lack of additional information regarding the infiltrated database, such compromise was discovered to have involved a Salesforce instance targeted amid a slew of attacks by the ShinyHunters extortion operation, which were confirmed to have impacted LVMH brands Louis Vuitton, Tiffany & Co., and Dior, as well as Adidas, Allianz Life, and Qantas.
Concerning Pattern
Dray Agha, senior manager of security operations at Huntress said this is another retail breach, signalling a concerning pattern, not an isolated incident.
“Attackers are clearly targeting the luxury sector's rich customer data troves,” Agha said. “Names and contact details are prime phishing fuel, enabling highly convincing scams. Chanel must urgently conduct a group-wide security overhaul, moving beyond perimeter defence to assume compromise is inevitable.”
Sweeping Cybercrime Wave
Chris Hauk, consumer privacy advocate at Pixel Privacy, said: “The Chanel breach is just the latest incident in a sweeping cybercrime wave orchestrated by the ShinyHunters group, which has been targeting Salesforce users in several countries since early 2025. The bad actors gain access to an organisation's Salesforce instance the old fashioned way, by tricking users into providing their login credentials to a malicious app, using the login to breach their data.
While no customer financial information was reportedly revealed in the breach, there was enough data revealed to allow the bad guys to phish for additional information, by posing as Chanel employees via texts, emails and calls. Customers need to stay alert for such attempts."
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
