Luxury fashion brand Louis Vuitton is under scrutiny in Hong Kong after a major data breach exposed sensitive information of approximately 419,000 customers, according to Reuters. The breach has triggered an official investigation by Hong Kong’s Office of the Privacy Commissioner for Personal Data (PCPD), which is now examining the circumstances and Louis Vuitton's delayed disclosure of the incident.
The stolen data includes:
-
Names
-
Passport numbers
-
Addresses
-
Phone numbers
-
Email IDs
-
Shopping history
-
Product preferences
Fortunately, no payment or credit card data was compromised, the company confirmed in a statement.
Louis Vuitton, part of the French luxury conglomerate LVMH, stated that an unauthorised party accessed their systems and took certain customer data. The brand has since said it is working closely with regulators and has begun notifying affected customers.
However, the timeline of events has raised eyebrows:
-
June 13: Louis Vuitton’s global office detected suspicious activity.
-
July 2: It became clear that Hong Kong customer data was involved.
-
July 17: The breach was officially reported to Hong Kong authorities.
The two-week gap between confirmation and notification is now under investigation. The PCPD is assessing whether the company violated local privacy laws by failing to report in a timely manner.
This isn’t an isolated case — Louis Vuitton has also recently faced similar data breach issues in South Korea and the UK earlier this month, indicating a potentially broader vulnerability in its cybersecurity framework.
The privacy regulator has advised customers to:
-
Be cautious of suspicious emails or phone calls.
-
Monitor their personal information for any misuse or fraud attempts.
The investigation in Hong Kong is still ongoing, and it may lead to penalties or enforcement actions if Louis Vuitton is found in violation of the law.
