Excessive-end jewellery retailer Tiffany and Firm is notifying prospects in the USA and Canada that their private data was stolen by hackers.
Based on the notification despatched out to impacted people, a risk actor gained unauthorized entry to Tiffany techniques on or round Might 12, 2025.
An investigation revealed that the attacker obtained data related to Tiffany reward playing cards, together with identify, e mail handle, postal handle, cellphone quantity, gross sales information, reward card quantity, and PIN.
The posh items firm knowledgeable the Maine Legal professional Normal’s Workplace that greater than 2,500 people are impacted by the info breach. It’s unclear if that quantity consists of the affected Canadian prospects.
Tiffany is a part of the French luxurious conglomerate LVMH, which additionally owns high-end manufacturers like Louis Vuitton, Dior, and Givenchy. A number of LVMH manufacturers, together with Louis Vuitton, Dior and Tiffany, had been caught in a current marketing campaign carried out by the cybercrime group Scattered Spider, which focused information from the Salesforce cases of many main firms.
It’s unclear if the Tiffany breach disclosed this week is expounded to the Salesforce assaults or if it’s a second, unrelated intrusion.
It’s value noting that normally the businesses hit by the Salesforce hacks talked about of their disclosures that the incident concerned a third-party system. Tiffany’s disclosure says the hackers accessed its personal techniques and there’s no point out of a third-party service.
No recognized ransomware group has listed the luxurious retailer on its leak web site.Commercial. Scroll to proceed studying.
SecurityWeek has reached out to Tiffany for clarifications and can replace this text if the corporate responds.
Associated: Cartier Information Breach: Luxurious Retailer Warns Clients That Private Information Was Uncovered
Associated: TransUnion Information Breach Impacts 4.4 Million
Associated: Victoria’s Secret Says It Will Postpone Earnings Report After Latest Safety Breach
