Hackers target Valentino, Michael Kors, and Creed fashionistas


Dorben Group, a key partner for Valentino, Creed, and Michael Kors luxury brands in Latin America, allegedly suffered a data breach as information belonging to 790,000 customers ended up on a hacker forum.

On February 7, the threat actor listed a dataset that allegedly belongs to the Dorben Group. Cybernews was unable to verify this independently.

The leaked database included customers’ full names, emails, phone numbers, and home addresses. The cybercriminal behind the dataset listing claims that the customer data is dated September 2022. Cybernews contacted the Dorben Group but received no response at the time of writing.

ADVERTISEMENT

Dorben Group operates 70 stores in 10 countries through joint ventures, franchises, and distribution agreements. The company has offices in the United States, Brazil, Colombia, and the Dominican Republic, employing around 500 people. The company partners with more than 20 brands, including Carolina Herrera, H&M, Coach, Michael Kors, Tod’s, Tory Burch, Jimmy Choo, Valentino, Purificacion Garcia, Creed, and others.

The publicly available information suggests that the threat actor joined the forum on August 2022 and has no reputation scores attributed to them by other forum members. The attacker has previously listed couple dozen other leaked datasets belonging to various organizations worldwide.

Not a laughing matter

While there is a tendency for threat actors to exaggerate their claims and pull PR stunts, the companies that see their name on the cybercriminal forum should not underestimate the risks. The threat actors, often called script kiddies to belittle them, can cause serious havoc.

“It is important to note that the alleged leak of customer data is a serious matter that should be thoroughly investigated. The release of sensitive information such as customer names, addresses, and potentially financial information can have devastating consequences for both the affected individuals and the company,” said Mantas Sasnauskas, a head of a research team at Cybernews.

He highlighted that it is essential for affected customers to monitor their financial information and take necessary precautions to protect their identity. “The alleged leak serves as a reminder of the importance of strong data security measures and the consequences of failing to protect sensitive information adequately,” added Sasnauskas.

Big brands on cybercriminals’ radar

If proven to have happened, the Dorben Group leak will not be the first to affect famous brands. Last week, another threat actor uploaded a database with private data of 11 million customers of US-based online grocery delivery platform Weee!.

ADVERTISEMENT

Some leaked logs included door codes that couriers use to enter buildings. The company confirmed the breach to Cybernews, adding that no customer financial data was exposed.

At the beginning of February, the same attacker also leaked the stolen data from mobile carrier US Cellular. The company confirmed the incident that affected 52,000 clients.

The leaked dataset included sensitive data, such as customer subscriber ID, subscriber and account keys, full name and business name, account activation date, current cellular plan and price, device manufacturer and model, current balance, and whether the user is enrolled in autopay and/or has an insurance policy on their device.

In January, Cybernews reported that allegedly Puma’s customer data was also leaked on the same hacker forum. An anonymous threat actor shared an 84MB-strong dataset claiming it belongs to a multinational sportswear manufacturer.

The leaked database included customers' names and contact information, such as emails, telephone numbers, and billing and shipping addresses. It also contained details about their purchases – order numbers, payment methods, total monies paid, shipping costs, and discounts.

The company admitted to having started an investigation but has not confirmed to Cybernews if the leaked data belongs to their customers.