Luxury Retailers Targeted in Supply Chain Data Breach

Luxury Retailers Targeted in Supply Chain Data Breach

First seen 17 Apr 2026, 02:00 UTC CybernewsScworld 74% similarity 51.9

Article Content

Browse articles
ThreatCluster

Lacoste, Ralph Lauren, Canada Goose, and Carter's are reportedly victims of a supply chain data breach, as claimed by a threat actor on an underground forum. The hacker shared sample data, including employee names, work emails, and potentially customer information, though some data was redacted. Cybernews researchers identified that the data structure was consistent across all brands, suggesting a shared vulnerability likely stemming from a third-party service provider. The attack may have exploited compromised employee accounts or system misconfigurations. This incident follows a previous breach involving Canada Goose, where over 600,000 records were allegedly stolen by a group known as ShinyHunters. The full extent of the breach remains unclear, and the brands have been contacted for confirmation. The leaked data poses risks of targeted phishing attacks against employees and customers.

Key Points: • Four luxury retailers reportedly breached in a supply chain attack. • Data includes employee names, emails, and possibly customer information. • Attack likely exploited third-party vulnerabilities or compromised accounts.

ThreatCluster AI

Timeline

2026-02-01
Canada Goose previously denied breach claims by ShinyHunters.
2026-04-15
Cybernews reports on luxury retailers' data breach claims.
2026-04-16
Scworld publishes brief on the same breach incident.

Community

Browse all →