Luxury fashion powerhouse Louis Vuitton has confirmed two separate cyber-attacks within a week, resulting in the unauthorized access of customer data in both its UK and Korean operations. These incidents mark the third and fourth breaches affecting parent company LVMH in as many months, raising significant concerns about the luxury sector’s cybersecurity posture.

The UK breach, which Louis Vuitton became aware of on July 2nd (According to Guardian https://www.theguardian.com/technology/2025/jul/11/louis-vuitton-uk-customer-data-stolen-cyber-attack), saw hackers gain access to customer information including names, contact details, and purchase history. This followed a similar attack on its Korean division earlier in July, where comparable data was compromised. Importantly, Louis Vuitton has assured customers that no financial data, such as bank details or payment information, was accessed in either incident.

In an email to affected customers, Louis Vuitton stated, “While we have no evidence that your data has been misused to date, phishing attempts, fraud attempts, or unauthorized use of your information may occur.” The company has notified relevant authorities, including the UK’s Information Commissioner’s Office (ICO).

These breaches are part of a worrying trend for LVMH. In May, Christian Dior Couture, another brand under the LVMH umbrella, also reported a cyber-attack that exposed customer data. This string of incidents suggests a potential systemic vulnerability or a coordinated targeting of the luxury conglomerate.

Cybersecurity experts are highlighting the heightened risk for Louis Vuitton’s clientele, which often includes high-net-worth individuals. The personal information of such individuals is considered particularly valuable by cybercriminals, making them prime targets for sophisticated phishing attempts and other social engineering scams.

“The personal information of high-profile individuals is perceived as more valuable by cybercriminals, and with the recent string of retail breaches, attackers may have felt emboldened,” commented James Hadley, founder and chief innovation officer at Immersive. He emphasized the critical need for organizations to continuously stress-test their defenses and develop robust cyber resilience strategies.

While Louis Vuitton has stated it is taking measures to strengthen its system security, including engaging external cybersecurity experts and conducting thorough investigations, the repeated nature of these attacks underscores the urgency for a comprehensive, group-wide security overhaul within LVMH.

The incidents at Louis Vuitton also align with a broader wave of cyber-attacks impacting the retail sector in the UK this year, with major names like Marks & Spencer, Co-op, and Harrods also falling victim. Law enforcement has recently made arrests in connection with some of these earlier attacks, though it remains unclear if there’s any direct link to the Louis Vuitton breaches.

Customers of Louis Vuitton are strongly advised to remain vigilant for any suspicious communications, including emails, calls, or text messages that appear to be from the brand. They should avoid clicking on unfamiliar links or providing any personal or financial information in response to unsolicited requests.