French luxury brand Chanel has confirmed a data breach linked to a wave of Salesforce-related cyberattacks. The incident, discovered on July 25, exposed the personal contact details of U.S. customers who had reached out to Chanel’s client care center.
The compromised data included names, email addresses, phone numbers, and mailing addresses. No sensitive financial or account information was affected, and those impacted have been notified. The breach occurred through a third-party service provider, reportedly tied to Chanel’s Salesforce instance.
Cybercrime group ShinyHunters has been blamed for the attack. They are known for targeting Salesforce users through voice phishing (vishing) and deceptive OAuth applications to gain access, steal data, and attempt extortion.
Salesforce stated it was not directly breached. Instead, attackers exploited customer accounts via social engineering. The company urged all clients to enhance security by enabling multi-factor authentication (MFA), limiting user privileges, and managing connected apps carefully.
Other notable companies affected by similar attacks include Adidas, Qantas, Allianz Life, and LVMH brands like Louis Vuitton, Dior, and Tiffany & Co. While some incidents remain undisclosed, investigators believe more victims may come forward.
Found this article interesting? Follow us on X(Twitter) ,Threads and FaceBook to read more exclusive content we post.
