Dior, Louis Vuitton, Tiffany Fined $25 Million in South Korea After Data Breaches

• South Korea’s Personal Information Protection Commission (PIPC) announced last week that it has issued significant fines to several major luxury brands over a recent hacker attack that resulted in massive data breaches.The fines, totaling 36 billion Korean won ($25 million), were imposed on Louis Vuitton, Dior, and Tiffany, all owned by the Paris-based multinational luxury goods conglomerate LVMH.According to the Korean regulator, Louis Vuitton received a fine of roughly $15 million for cybersecurity failures that involved employee devices getting infected with malware and the information of approximately 3.6 million individuals getting compromised.Dior was fined the equivalent of more than $8.4 million for exposing the information of 1.95 million individuals after an employee fell for a voice phishing attack.Tiffany has been ordered to pay $1.6 million for exposing the details of roughly 4,600 people after also falling victim to a voice phishing attack.The South Korean agency said the data breaches are related to a SaaS platform intrusion, but did not name the platform.Advertisement. • Scroll to continue reading.However,Louis Vuitton,Dior, andTiffanywere among the dozens of major organizations hit last year in a campaigntargeting Salesforce customers.The Scattered LAPSUS$ Hunters extortion group obtained millions of data records after gaining access to the Salesforce instances of the targeted organizations. • The hackers leveraged social engineering rather than vulnerabilities in Salesforce infrastructure or products.SecurityWeekhas contacted LVMH for comment and will update this article if the company responds.Related:Flickr Security Incident Tied to Third-Party Email SystemRelated:Dutch Carrier Odido Discloses Data Breach Impacting 6 MillionRelated:Conduent Breach Hits Volvo Group: Nearly 17,000 Employees’ Data Exposed The fines, totaling 36 billion Korean won ($25 million), were imposed on Louis Vuitton, Dior, and Tiffany, all owned by the Paris-based multinational

Article Summaries:

• South Korea’s Personal Information Protection Commission (PIPC) announced last week that it has issued significant fines to several major luxury brands over a recent hacker attack that resulted in massive data breaches. The fines, totaling 36 billion Korean won ($25 million), were imposed on Louis Vuitton, Dior, and Tiffany, all owned by the Paris-based multinational luxury goods conglomerate LVMH. According to the Korean regulator, Louis Vuitton received a fine of roughly $15 million for cybersecurity failures that involved employee devices getting infected with malware and the information of

Sources:

• https://www.securityweek.com/dior-louis-vuitton-tiffany-fined-25-million-in-south-korea-after-data-breaches/