Pandora (Danish jewelry brand) and Chanel (French luxury fashion house) both disclosed in August 2025 that their Salesforce CRM environments had been compromised as part of the ShinyHunters/Scattered Spider Salesforce campaign. Pandora exposure included names, birthdates, and email addresses. Chanel exposure included customer names, email addresses, mailing addresses, and phone numbers. Both companies notified affected customers and relevant European data protection authorities (DPA). Part of the broader 2025 Salesforce campaign affecting TransUnion (44M+), Air France-KLM, Cisco, Stellantis, and Farmers Insurance.