- Louis Vuitton Korea confirms cyberattack and data theft
- No financial data was taken
- Luxury fashion brands are being actively targeted these days
Cybercriminals broke into the Korean subsidiary of luxury brand Louis Vuitton and stole sensitive files, the company has confirmed.
“We regret to inform that an unauthorized third party temporarily accessed our system resulting in the leak of some customer information,” the company allegedly said in a statement published on its local website.
The company notified government authorities, and moved to secure its infrastructure and data, confirming some information was taken in the breach, but financial files were not among them.
Scattered Spider’s fingerprints
Other details of the attack are scarce – we don’t know when the attack happened, how the miscreants breached the company, or what they were looking to achieve. We also don’t know if they demanded any ransom in exchange for the stolen files, or if an encryptor was deployed.
However, we do see a pattern in cybercriminals targeting major luxury brands. In early June 2025, French luxury brand Cartier warned customers some of their sensitive personal information was stolen in a data breach.
Two weeks prior, in mid-May 2025, Dior experienced the same thing, after finding an unauthorized third party accessing some of the data it holds for Dior Fashion and Accessories customers. Around the same time, Victoria’s Secret, another major fashion brand, filed a new form with the US SEC confirming restoring systems after a breach.
Although unconfirmed in most cases, there were some reports attributing all three of these to Scattered Spider – a loosely tied organization of cybercriminals known for targeting specific industries at any one time. The FBI recently warned about Scattered Spider shifting focus towards US retailers. Although most of these are not US companies, they are major retail brands and as such are likely targets for Scattered Spider.
Via Reuters
Leave a comment