Luxury fashion giant Louis Vuitton confirmed that breaches impacting customers in the UK, South Korea, and Turkey stem from the same security incident, which is believed to be linked to the ShinyHunters extortion group.
Since last week, the retailer has been notifying customers that their info was exposed in a data breach, first in South Korea, then in Turkey, and on Friday in the United Kingdom.
"Despite all security measures in place, on July 2, 2025, we became aware of a personal data breach resulting from the exfiltration of certain personal data of some of our clients following an unauthorized access to our system," reads Louis Vuitton's data breach notifications sent to customers.
"We would like to assure you that our cybersecurity teams have taken care of the incident with the utmost diligence and attention. Technical measures were immediately taken to contain the incident after its occurence, notably by blocking the unauthorized access.
"Louis Vuitton teams are mobilized to cooperate with the competent authorities which have been notified, including the Information Commissioner's Office (the ICO)."
Louis Vuitton data breach notification to UK customers
Source: Teytey2022 (Reddit)
In a statement to BleepingComputer, Louis Vuitton confirmed that no payment information was compromised from the database accessed during the incident.
The company further stated that it is working with cybersecurity experts to investigate the incident and has begun notifying relevant regulators.
When asked if the breach notifications in the different regions are linked to the same security incident, BleepingComputer was told that their statement applies to all notifications sent to clients.
... continue reading