Ransomware victim disclosure
← All victimsCartier
Claimed by Shinyhunters · listed 9 months ago
Status timeline
- ListedOct 3, 2025
- Data leakeddate unknown
At a glance
- Group
- Shinyhunters
- Status
- Data leaked
- Country
- France
- Sector
- Consumer Services
- Listed on leak site
- Oct 3, 2025
About the victim
AI dossier — public-source company profileCartier is a French luxury goods conglomerate founded in 1847 by Louis-François Cartier in Paris, specializing in high-end jewelry, watches, perfumes, and accessories. The brand is globally recognized as a symbol of prestige and is part of the Richemont Group. Its clientele includes celebrities and royalty worldwide.
- Industry
- Luxury Goods & Jewelry
- Address
- 13 Rue de la Paix, 75002 Paris, France
- Employees
- 10000+
- Founded
- 1847
Attack summary
Severity: medium — Data is listed as published by a known and credible threat actor (ShinyHunters, responsible for numerous large-scale breaches), but the leak post contains no specific evidence of data type, volume, or confirmed exfiltration details. The high-profile nature of the victim and ShinyHunters' track record elevate this above low, but lack of any proof inventory or data description prevents a higher rating.ShinyHunters claims to have attacked Cartier with data published status, suggesting exfiltration of company data; however, the leak post provides no specific details on the nature or volume of data stolen, and no ransom amount or data size has been stated.
Original description
AI-summarised, not from the leak postCartier is a renowned French luxury goods conglomerate that specializes in designing, manufacturing, and selling high-end jewelry and watches. Since its founding in 1847 by Louis-François Cartier in Paris, it has become globally recognized for its elegant, high-quality items, symbolizing prestige and opulence. It further diversifies into perfumes and accessories. Its products are adorned by many celebrities and royals.
Sources
Source
Indexed 9 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

