Threat Intel

Tiffany Data Breach Impacts Thousands of Customers

Tiffany and Company has notified customers in the U.S. and Canada that their personal information was stolen by hackers.
The breach occurred on or around May 12, 2025, with hackers gaining unauthorized access to Tiffany’s systems.
Stolen information includes names, email addresses, postal addresses, phone numbers, sales data, gift card numbers, and PINs.
Over 2,500 individuals in Maine are confirmed to be impacted, with the number of affected Canadian customers unclear.
Tiffany is owned by LVMH, a French luxury conglomerate that also owns brands like Louis Vuitton, Dior, and Givenchy.
Several LVMH brands, including Louis Vuitton and Dior, were recently targeted by the cybercrime group Scattered Spider.
It is unclear if the Tiffany breach is related to the Salesforce attacks or if it is a separate incident.
Tiffany’s disclosure states that hackers accessed its own systems, with no mention of a third-party service.
No ransomware group has claimed responsibility for the Tiffany breach by listing it on their leak website.
SecurityWeek has reached out to Tiffany for further clarifications and will update the article if the company responds.