UK Retailer Suffers Data Leak at Louis Vuitton Outlet
In a series of cyber-attacks on luxury fashion brands, Louis Vuitton, Christian Dior Couture, and Tiffany have all suffered customer data breaches, with the latest attack on Louis Vuitton UK confirmed last week.
The breach at Louis Vuitton UK was discovered on July 2, 2023, and it is believed that the compromised PII includes first and second name, gender, country, phone number, email, postal address, date of birth, purchases, and preference data. The company has notified the Information Commissioner's Office (ICO) about the breach and has recommended customers to remain vigilant against unsolicited communication or suspicious correspondence.
Malicious emails pretending to be from LV could be sent to customers in an attempt to gain login or financial information. Customers should be on alert for any suspicious and sudden emails or calls directing them to take immediate action or face a negative consequence.
Thomas Richards, infrastructure security practice director at Black Duck, suggested that while no financial information was taken in the Louis Vuitton attack, there are still significant risks for the company and its customers. He advised LVMH to conduct an organization-wide security assessment to find out the root cause of the issue and implement changes to prevent further breaches.
This is the second security breach at LVMH brands in a week, following the hack of Louis Vuitton's Korean operations. The pattern of other LVMH regional breaches might be indicative of a larger problem, and the breach might not be fully contained, or these business units use similar technology and systems that have a vulnerability in it.
Four individuals were arrested last week in connection with cyber-attacks on M&S, Co-op, and Harrods. However, the search results do not provide the name of the person or group responsible for the cyberattacks on Louis Vuitton and other LVMH brands.
Officers in London cuffed a 19-year-old British man, while a 17-year-old British man and a 19-year-old Latvian were apprehended by law enforcement in the West Midlands. A 20-year-old British woman was arrested in Staffordshire.
Both Christian Dior Couture and Tiffany have been under government investigation since May, adding to the concerns surrounding the security of LVMH's brands. The breaches highlight the need for improved cybersecurity measures in the retail and fashion industries to protect customer data and prevent future attacks.
