Kering Data Breach
Kering Luxury Fashion Group Breach (Salesforce, 2025): 56 Million Customer Contact Records Exposed
Luxury goods holding company.
Risk Interpretation
High risk of phishing, procurement fraud, and affluent-customer targeting. Group-level data can also help attackers map brand relationships and high-value retail operations.
Impact & Downstream Threats
Kering was among the approximately 39 organizations listed on the Scattered LAPSUS$ Hunters dark web leak site in October 2025, with customer contact data including email addresses, phone numbers, and home addresses published as part of the Salesforce campaign. Security researchers noted that the Kering dataset represented a particularly high-value target because Gucci and other Kering brand customers include high-net-worth individuals — making the combination of names, contact information, and
- SIM swap attacks where phone numbers are present
- Targeted phishing campaigns using exposed email addresses
- Doxxing risk from physical address exposure
Threat Vectors
Breach Intelligence
Executive Summary
Kering, the French luxury goods group behind Gucci, Balenciaga, Bottega Veneta, Saint Laurent, Brioni, and Alexander McQueen, was caught up in a broad supply chain attack targeting Salesforce, the customer relationship management platform used across Kering's retail operations. A threat actor group calling itself "Scattered LAPSUS$ Hunters" claimed responsibility and released a sample of the stolen data on October 3, 2025, announcing a full release scheduled for October 10. Kering was one of roughly 39 organizations listed on the group's dark web leak site as part of the same campaign. The breach affected an estimated 56.4 million customer records. The exposed data includes names, dates of birth, email addresses, phone numbers, and home addresses, along with Salesforce system metadata and purchase amount data. Because Kering's customer base skews heavily toward high-net-worth individuals, the combination of personal contact details and luxury purchase context makes this dataset particularly useful to fraudsters. Attackers can use it to craft convincing phishing messages, impersonate brand representatives, or target wealthy individuals for procurement fraud and social engineering schemes. Kering has not made detailed public statements about the scope of its exposure in this campaign. No regulatory actions or individual notifications have been confirmed as of the time of writing. Affected customers should be alert to unsolicited contact claiming to be from Gucci, Balenciaga, or other Kering brands, and treat any requests for payment details or account credentials with suspicion.
About Kering
Kering is a French multinational luxury goods holding company that owns and manages a portfolio of high-end fashion and lifestyle brands including Gucci, Saint Laurent, Bottega Veneta, Balenciaga, Alexander McQueen, Brioni, and others. Headquartered in Paris, the company is publicly listed on Euronext Paris and operates across more than 100 countries through owned retail boutiques, wholesale accounts, and e-commerce platforms. Kering is one of the two dominant players in the global luxury goods conglomerate market alongside LVMH.
Why They Hold Your Data
Luxury brand groups collect customer, employee, vendor, clienteling, and commerce records across multiple fashion and luxury houses, including contact, purchase, and operational data.
Recent Developments
Kering has faced a challenging period for luxury goods demand, particularly at Gucci, its largest revenue contributor, which saw significant sales declines beginning in 2024. The company has brought in new creative leadership at Gucci and undertaken strategic repositioning efforts across the brand. Kering divested several assets and has been focused on margin and portfolio management amid softer global luxury demand.
Data Points Exposed
Exposure Categories
Canonical Fields
email_address, phone_number, physical_address:home
Dark Web Verification
- Dataset containing ~56.4M records identified in breach intelligence sources
- Data indexed and searchable across breach notification platforms
- Source: kering-salesforce-2025
Recommended Actions
⚠️ Do not assume this is low sensitivity.
Protect Yourself
Check If You’re Affected
Enter your email to check if your data appears in this breach.
Get Free Breach Alerts
Be the first to know when new breaches are disclosed.
High-Risk? Get an Exposure Audit
Full-spectrum exposure audits for executives and public figures.
ObscureIQ Advisory
We combine proprietary dark web access with commercial and restricted breach intelligence to verify exposure and assess real-world risk.
- A public-facing individual
- A high-profile executive
- A customer of Kering
- Or concerned about credential reuse
Powered by the ObscureIQ Breach Intelligence Database
© 2026 ObscureIQ · All Rights Reserved · Data Licensing
Latest from ObscureIQ
What Is Credit Monitoring? And Do I Want It? (Answer: Not Really)
Lock Down Browsers. Wipe Employee Footprints. Win Breach Wars.
Sextortion Spam