SOCRadar® Cyber Intelligence Inc. | Luxottica Data Leak Exposes Over 70M Customers’ Data


May 25, 2023


Luxottica, the world’s largest eyewear company, has revealed that it was the victim of a major cyber attack. The attack exposed the personal information of over 70 million customers on hacking forums.

The major brands Luxottica owns include Chanel, Oakley, Prada, Dolce and Gabbana, Versace, Burberry, Ray-Ban, Giorgio Armani, Bulgari (Bvlgari), and Michael Kors.

Hackers Attempted to Sell Luxottica Data on BreachForums

In November 2022, hackers attempted to sell a Luxottica database on the former BreachForums, claiming it contained 300 million records from 2021. However, they were unsuccessful.

Hacker selling Luxottica data on BreachForums, November 2022 (Source: Twitter)

Later, on April 30 and May 12, the Luxottica customer data was leaked for free on various hacking forums. Andrea Draghetti from D3Lab posted about the leak on Twitter:

Luxottica database free public leak on a hacker forum (Source: Twitter)

Sharing such a large-scale dataset for free raises suspicion, especially when it belongs to a major global brand. Additionally, the data does not contain sensitive information like passwords. 

According to Draghetti, the leak exposed 74.4 million unique email addresses, 2.6 million unique domain email addresses, and 305 million records. Customer contact information, such as names, addresses, phone numbers, emails, and dates of birth, is among the compromised personal data.

According to Troy Hunt from “Have I Been Pwned,” the leaked data includes information from 77,093,812 distinct accounts.

How Did Hackers Obtain the Luxottica Data?

Earlier, it was believed that the hackers obtained the data during two separate attacks on Luxottica in 2020. The initial attack took place in August 2020 and resulted in the exposure of the personal information of 829,454 customers from two subsidiaries of Luxottica: EyeMed and LensCrafters. A month later, Luxottica experienced a ransomware attack, leading to operational disruptions in China and Italy.

Some researchers believed that there could be another attack that caused the data breach. Recently, Luxottica confirmed another attack; the company disclosed that it detected the distribution of specific retail customer data in November 2022, allegedly obtained through a third party connected to its customers.

Luxottica has stated that it is investigating the incident, and while personal information was compromised, the hackers could not obtain any financial information, social security numbers, or credentials.

Visit SOCRadar Labs for a free Dark Web Report; find out if your data has been exposed on forums, leak sites, or Telegram channels.

Get Alerts of Breach Datasets with SOCRadar

In case your data is compromised, SOCRadar will notify you immediately. SOCRadar constantly scans the internet, including the Dark & Deep Web and various hacker channels, for leaked information regarding your company. Threat actors on the dark web sell the stolen data for profit or give it away to other threat actors for free. Personal data that ends up on the Dark Web is frequently utilized for identity theft or phishing.

SOCRadar alerts companies to breached datasets and combolists.

You can find more incidents on Dark Web News, where SOCRadar publishes detected threat actor activities, including ransomware attacks, sales of unauthorized access, and data leaks. On the tab, you can filter the news by industry, country, and date.
