Cyber Incident Victim: Cartier
Date:
Nov 2025
Location:
France
Summary
Cartier disclosed a data breach after an unauthorized party gained temporary access to its systems and obtained limited customer information including names, email addresses, and countries of residence. The company stated that no passwords, credit card numbers, or banking details were compromised, and that it contained the incident, enhanced system protections, notified law enforcement, and engaged an external cybersecurity firm to assist with remediation. The breach is part of a series of recent cyberattacks targeting fashion brands, with similar incidents reported at Dior, Adidas, and Victoria's Secret.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On June 2, 2025, Cartier sent notification letters to customers informing them of a data breach. The company stated that an unauthorized party gained temporary access to its systems and obtained limited client information. The compromised data included names, email addresses, and the countries where customers reside. Cartier emphasized that passwords, credit card numbers, and banking details were not accessed.
Cartier said it contained the issue and further enhanced protection of its systems and data. The company warned that the exposed information could be used in targeted attacks and advised customers to remain alert for unsolicited or suspicious communications. Cartier notified law enforcement and engaged an external cybersecurity firm to assist with remediation. As of the time of the BleepingComputer report, Cartier had not provided additional details such as the exact date of the breach or the number of affected individuals.
The Cartier breach follows similar incidents reported by other fashion brands in May and June 2025, including Dior, Adidas, and Victoria's Secret. Each of those brands disclosed compromises involving customer contact information. These events contributed to a broader trend of cyberattacks targeting luxury and retail sector entities.