Excerpt from BleepingComputer Article, Published on August 4, 2025
French fashion giant Chanel is the latest victim in a growing wave of Salesforce data theft attacks targeting major global companies. The breach was first detected on July 25, 2025, when unauthorized threat actors accessed a Chanel database hosted at a third-party service provider.
This attack compromised personal contact information of customers based in the United States, including names, email addresses, mailing addresses, and phone numbers. Chanel promptly informed the affected clients, emphasizing that no other data was involved.
Investigations revealed that the stolen data originated from Chanel’s Salesforce instance, as attackers exploited security vulnerabilities through social engineering tactics. The ongoing campaign is linked to the ShinyHunters extortion group, which gains access to Salesforce portals by tricking employees into authorizing malicious OAuth applications or harvesting credentials via voice phishing attacks.
Salesforce clarified that its platform itself was not breached, attributing the incidents to user account compromises through sophisticated phishing and social engineering methods. Chanel’s breach aligns with similar recent Salesforce attacks impacting other high-profile brands like Adidas, Qantas, and LVMH subsidiaries, including Louis Vuitton and Dior.
These incidents have highlighted the critical importance of enabling multi-factor authentication and enforcing least privilege access policies. Companies must remain vigilant and educate employees against evolving threats that abuse connected applications and trusted platforms.
To delve deeper into this topic, read the article at BleepingComputer.
