Ransomware victim disclosure
← All victimsKering (Gucci, Balenciaga, Brioni, AlexMcQ)
Claimed by Shinyhunters · listed 9 months ago
Status timeline
- ListedOct 3, 2025
- Data leakeddate unknown
At a glance
- Group
- Shinyhunters
- Status
- Data leaked
- Country
- France
- Sector
- Consumer Services
- Listed on leak site
- Oct 3, 2025
About the victim
AI dossier — public-source company profileKering is a Paris-based global luxury group that owns and develops a portfolio of prestigious fashion and lifestyle houses including Gucci, Balenciaga, Brioni, and Alexander McQueen. The group operates across clothing, leather goods, footwear, and accessories segments worldwide. Kering is publicly listed and employs tens of thousands of people across its brand network.
- Industry
- Luxury Fashion & Accessories
- Address
- 40 Rue de Sèvres, 75007 Paris, France
- Employees
- 40000
- Founded
- 1963
Attack summary
Severity: high — ShinyHunters is a well-known exfiltration-focused group and the status is 'data_published', indicating confirmed data release from a major multinational luxury conglomerate. While the specific data types are unconfirmed from the post excerpt, the scale of the organisation and the group's track record of publishing large PII datasets elevates this to high severity.ShinyHunters claims to have obtained data associated with Kering and its subsidiary brands; the post indicates data has been published, though the specific nature of exfiltrated content (type, volume) is not detailed in the available excerpt.
Data the group says was taken
AI dossier — extracted from the leak post- Corporate data
- Brand-related records
- Potentially customer or employee PII
Original description
AI-summarised, not from the leak postKering is a global luxury group that manages the development of renowned houses in fashion, such as Gucci, Balenciaga, Brioni, and Alexander McQueen. These brands are popular in clothing, leather goods, footwear, and accessories sector. Kering, based in Paris, France, empowers its brands to reach their potential in the most imaginative and sustainable manner.
Sources
- Leak posthttps://breachforums.hn//kering.html
Source
Indexed 9 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

