Kering is the latest luxury company to be targeted by cyber hackers, following Chanel and Dior.
The private data of Kering-owned Gucci, Balenciaga and McQueen customers were stolen in the cyber attack, according to a report by the BBC.
Kering confirmed the breach to the BBC and said the incident has been disclosed to relevant data protection authorities.
Cosmetics Business has contacted Kering for comment.
Customers affected by the breach have reportedly been contacted by Kering.
“In June, we identified that an unauthorised third-party gained temporary access to our systems and accessed limited customer data from some of our houses," a Kering spokesperson told the BBC.
“No financial information – such as bank account numbers, credit card information, or government-issued identification numbers – was involved in the incident.”
Dior, which is owned by LVMH, was hit by a customer data breach in May, shortly after British high street retailer Marks and Spencer, luxury department store Harrods and British supermarket Co-op.
Chanel said in August that it became aware of a security incident involving a Chanel Inc. database in the US, which is hosted by a third-party service provider.
The investigation indicated that there was “unauthorised access” to this database, a Chanel spokesperson told Cosmetics Business.
At the time of the Harrods attack, Mona Schroedel, a data protection specialist at National law firm Freeths, told Cosmetics Business that luxury businesses were a target due to their customer base.
“Luxury businesses will hold a specific interest for hackers, aside from the usual blackmail options such as extorting money to regain access to fully functioning systems,” she said at the time the issue was disclosed.
“Harrods, for example, has a client base of high-net-worth individuals and is likely to hold a range of personal data about them.”
“Obtaining access to such personal data treasure troves could assist hackers in launching more targeted attacks.
"Data collected in the context of beauty treatments and products in particular may include sensitive personal data that individuals may not wish to be publicly known."