Louis Vuitton Confirms Third LVMH Cyberattack

Louis Vuitton has sent an email to its customers detailing a cyberattack that exposed personal information, making it the third time in 90 days. The latest LVMH cyberattack occurred on July 2, 2025, and adds to a string of security incidents linked to LVMH brands since May.

The previous LVMH cyberattack, involving Louis Vuitton Korea, took place on June 8, 2025, when an unauthorized third party accessed internal systems and extracted customer data. While no financial information, such as credit card numbers or banking details, was compromised, Louis Vuitton stated that the LVMH cyberattack has been contained and that steps are being taken to reinforce its cybersecurity measures.

Third LVMH Cyberattack Confirmed

In a customer notification email, the company revealed that names, contact details, and purchase histories had been exposed in LVHM cyberattack. As with the previous LVMH cyberattacks, no financial or payment data was compromised.

Louis Vuitton has notified the UK Information Commissioner’s Office, as required by local data protection regulations, and is working directly with affected individuals. This UK-based incident marks the third LVMH cyberattack in just 90 days, following earlier breaches at Christian Dior Couture and Louis Vuitton Korea.

Although no cybercriminal group has taken responsibility, the close timing of the events has drawn industry attention. Customers are being advised to be especially wary of phishing attempts.

Scammers may use references to recent purchases, loyalty accounts, or exclusive promotions to trick individuals into revealing more sensitive data.

Louis Vuitton Korea Issues Apology and Launches Investigation 

In a formal statement, the fashion brand said it deeply regretted the Louis Vuitton Korea data breach and had taken immediate action to secure its systems. The company reported the breach to relevant government authorities and has engaged cybersecurity experts to support the investigation and strengthen its defenses. 

Translated from Korean:  “We regret to inform you that an unauthorized third party temporarily accessed our system and leaked some customer information. Fortunately, financial information such as passwords, credit card details, and bank account numbers were not included in the leaked data.” 

Louis Vuitton also emphasized the importance of vigilance, urging customers to be cautious of suspicious communications and avoid sharing sensitive credentials. “We remind customers never to share their Louis Vuitton passwords, as we do not request them under any circumstances,” the company noted. 

What Information Was Exposed in the Louis Vuitton Korea Data Breach? 

According to the internal investigation, the information exposed in the Korea LVMH cyberattack may vary by individual but could include names, surnames, contact details, and other data provided voluntarily by customers. The breach was discovered and confirmed by the company on July 2, following the unauthorized access that occurred in early June. 

This latest Louis Vuitton Korea cyberattack follows a similar incident involving Christian Dior Couture, another LVMH brand, in May 2025. Dior reported that an “unauthorized external party” had accessed customer data earlier in the year. French newspaper Le Monde later reported that the Dior breach took place in January and affected customers in Asia. 

Neither brand disclosed financial information loss. 

Caution Urged Amid Rise in Threats 

Following the cyberattack on Louis Vuitton Korea, cybersecurity professionals are warning that high-end retail brands are becoming increasingly attractive targets for hackers. Although financial data was not taken, access to personal information can enable phishing attempts, social engineering scams, and identity theft. 

The company’s Korean-language announcement also included a strong warning to customers: 

“Given the nature of the exposed information, we advise customers to exercise caution regarding unexpected communications or suspicious messages. Please do not share your Louis Vuitton password with anyone.” 

Louis Vuitton Korea stated it is now working with “top cybersecurity experts” to upgrade its system defenses and prevent further incidents. While the company had implemented comprehensive security protocols before the attack, this event highlights how cyber threats are targeting fashion brands.

“We are prioritizing the protection of our customers’ personal information and are doing everything possible to prevent such incidents from recurring,” the company assured. 

With three confirmed LVMH cyberattack brands—Christian Dior Couture, Louis Vuitton Korea, and now Louis Vuitton UK—attention is turning toward the conglomerate’s overall cybersecurity strategy and whether additional vulnerabilities remain unaddressed.

Related