Excerpt from CyberInsider Article, Published on September 17, 2025
Luxury jeweler Tiffany & Co has confirmed a significant data breach that exposed the gift card information and personal details of more than 2,500 customers. In early May 2025, attackers gained unauthorized access to Tiffany & Co’s systems, prompting an investigation led by an external cybersecurity firm. According to filings with the Maine Attorney General’s Office, stolen data includes customer names, addresses, emails, phone numbers, sales records, client reference numbers, as well as Tiffany & Co gift card numbers and PINs.
The stolen gift card details pose serious risks, as cybercriminals can use them to purchase jewelry or resell the gift cards with minimal traceability. Additionally, exposed customers may face phishing attempts where attackers impersonate Tiffany & Co to capture more personal or financial information.
In notifying affected clients, Tiffany & Co stated it takes data security seriously and that, so far, there is no evidence of misuse of the compromised data. This breach marks the second major incident involving Tiffany & Co customer data this year, following an earlier breach at its South Korean branch tied to a third-party vendor.
The breach highlights growing cyber threats targeting luxury brands, with other LVMH-owned labels also recently reporting similar cybersecurity incidents. As one of the most iconic names in luxury goods, Tiffany & Co faces ongoing challenges in protecting customer data from increasingly sophisticated cyberattacks.
To delve deeper into this topic, visit the CyberInsider Article.
