Chanel, a leading fashion brand, has been targeted in a series of cyberattacks linked to vulnerabilities in Salesforce.

Chanel has become the latest victim of a sophisticated cybercrime campaign targeting major corporations through their Salesforce customer relationship management systems. The company confirmed on July 25, 2025, that unauthorized threat actors breached a database containing personal information of U.S. customers who contacted their client care centre. The breach exposed limited but sensitive customer data, including names, email addresses, mailing addresses, and phone numbers of individuals who had reached out to Chanel’s U.S. client care centre. Importantly, no financial information, payment data, or internal operational systems were compromised in the attack, according to a report by WWD. This incident is part of a broader wave of cybercrime orchestrated by the notorious ShinyHunters extortion group, which has systematically targeted Salesforce instances across various industries since early 2025.

The ShinyHunters campaign has affected an unprecedented roster of major brands, including Qantas, Allianz Life, LVMH subsidiaries Louis Vuitton and Dior, Tiffany & Co., and Adidas. This coordinated assault highlights the evolving threat landscape, where cybercriminals increasingly focus on cloud-based customer relationship management platforms rather than attempting to breach companies’ primary security defences directly. The attacks have spanned multiple countries, impacting customers in the United States, the United Kingdom, South Korea, Turkey, Italy, and Sweden. The ShinyHunters group, tracked by Google’s Threat Intelligence Group as UNC6040, employs sophisticated voice phishing (vishing) techniques to compromise Salesforce environments. Attackers impersonate IT support personnel in convincing telephone calls to employees, typically targeting English-speaking staff at multinational corporations.