Cybersecurity Round-Up: High-End Fashion Brands Breached, Ukraine Strikes Back Digitally, and More


Major Fashion Brands Hit by Cyber Attack; Customer Data Exposed

A significant data breach has affected millions of customers associated with high-end fashion labels Gucci, Balenciaga, and Alexander McQueen, following a cyber attack on a third-party technology vendor responsible for managing the brands’ servers.

According to reports, a notorious hacker group known as “Shiny Hunters” has claimed responsibility for the breach. The compromised data is believed to include sensitive personal information such as names, email addresses, phone numbers, residential addresses, and even financial information linked to the brands’ customers who spent more than $80k on purchases.

Kering, the parent company of the three fashion houses, has confirmed the incident. Initial investigations suggest that over 7.4 million email addresses may have been exposed. Kering stated that it has already deployed enhanced cybersecurity measures to mitigate further risk.

The hacker group behind the breach, Shiny Hunters, is reportedly composed of English-speaking teenagers. They have previously collaborated with other cybercriminal collectives, including Lapsus$ and Scattered Spider, forming a hybrid group dubbed “Shiny Lapsus Spider.” This larger collective is allegedly behind past high-profile breaches involving tech giants such as Google, Cisco, and Salesforce.com.

Ukraine Launches Cyber Offensive Against Russian Electoral Systems

In a bold move amid its ongoing conflict with Russia, Ukraine’s Military Intelligence Directorate (HUR) announced that it launched a cyber attack against Russia’s Central Election Commission (CEC) on September 14, 2025.

The operation targeted systems responsible for overseeing mayoral and gubernatorial elections across Russia. The CEC later confirmed that its servers were hit by a Denial-of-Service (DoS) attack, which temporarily disrupted electoral services.

Ukrainian officials labeled the action as a digital retaliation against Russian aggression, signaling a new front in modern warfare where cyberattacks complement physical military operations.

Qilin Ransomware Group Threatens to Leak New Orleans Sheriff’s Office Data

The Qilin Ransomware gang has issued a public warning after the New Orleans Sheriff’s Office allegedly failed to meet ransom demands. The group claims to have stolen approximately 842 GB of sensitive data and is now offering to sell it for $10,000, payable in installments.

Qilin is known for operating under the Ransomware-as-a-Service (RaaS) model, where they lease their malware tools to other cybercriminals. In this case, they threatened the Sheriff’s Office IT staff with “dreaded consequences” unless payment was made.

While the extent of the breach is still unclear, a source close to the investigation indicated that the Sheriff’s Office does not intend to negotiate with the attackers. It also remains uncertain whether the office had a robust backup and recovery plan in place prior to the breach.

Ransomware Forces Texas School District to Temporarily Shut Down

In Texas, the Uvalde Consolidated Independent School District (UCISD) was forced to suspend operations for several days following a ransomware attack that crippled key infrastructure.

The attack affected several systems, including air conditioning, communications networks, security cameras, and the Skyward platform, which manages payroll and student data. The district announced closures from September 15 to September 18, with plans to compensate for lost instructional time through revised scheduling.

There is speculation that the Shiny Hunters group may have been involved in the incident; however, no concrete evidence has been presented to confirm their role at this time.

Samsung Warns of Major Security Flaw in Galaxy Devices

Samsung has issued a critical security update for its Galaxy smartphones, addressing a serious out-of-bounds write vulnerability affecting devices running Android 13, 14, and 15. Early testers of Android 16 beta have also reported signs of vulnerability.

This flaw could allow a remote attacker to send a malicious image file to a targeted device. When the image is received and processed, it can trigger the execution of malicious code that compromises the device without any user interaction — a technique known as a zero-click attack.

Samsung credits WhatsApp’s security team for alerting them to the flaw, which appears to be part of a broader threat targeting high-risk individuals such as journalists, diplomats, and politicians. The company urges all users to install the latest software updates immediately to secure their devices.

Takeaway

These incidents underscore the increasing sophistication and frequency of cyberattacks across sectors — from luxury retail and law enforcement to education systems and government infrastructure. As threat actors continue to evolve, so must our collective focus on cybersecurity preparedness, rapid response, and public awareness.


Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security
