Leak at Louis Vuitton
In July 2025, French luxury brand Louis Vuitton disclosed that an unauthorized third party had accessed customer data — names, contact details, postal addresses, dates of birth and purchase history — as part of a global breach affecting clients in France, South Korea and other markets; no payment data was exposed.
- Victim
- Louis Vuitton
On 11 July 2025, Louis Vuitton — the flagship LVMH luxury fashion and leather goods house — disclosed a data breach in which an unauthorized third party had temporarily accessed systems holding client information. The intrusion was part of a wider international campaign that hit Louis Vuitton customers across several markets; France was confirmed among the affected countries, alongside South Korea, the United Kingdom, Turkey and others.
According to the company, the unauthorized access took place around 7 June 2025 and was detected on 2 July 2025. Louis Vuitton did not detail the technical attack vector, describing only that an outside party had "temporarily accessed" its environment. The breach followed similar data incidents reported earlier in 2025 at sister LVMH brands Christian Dior and Tiffany.
Exposed customer data included:
- First and last name, gender
- Country, postal address
- Phone number and email address
- Date of birth
- Purchase data and shopping preferences
Louis Vuitton stated that no passwords and no financial or payment card data were involved. The company said it had contained the incident and reinforced its security measures, reported no evidence of fraudulent misuse of the data, and notified the relevant authorities, including the French data protection regulator (CNIL).
Sources
- next.inkhttps://next.ink/brief_article/fuite-de-donnees-chez-louis-vuitton-la-france-est-aussi-concernee/
- securityweek.comhttps://www.securityweek.com/louis-vuitton-data-breach-hits-customers-in-several-countries/
- securityaffairs.comhttps://securityaffairs.com/179908/data-breach/global-louis-vuitton-data-breach-impacts-uk-south-korea-and-turkey.html