News Heading

Beauty Giant Estée Lauder Targeted by BlackCat and Cl0p Ransomware Groups

Reading time: 2 min

Updated on Jul 22, 2023

  • Shipra Sanganeria

    Written by: Shipra Sanganeria Cybersecurity & Tech Writer

On July 18, Estée Lauder in a press statement disclosed that the company had suffered a cybersecurity attack by an unauthorized third party. However, two ransomware gangs have claimed breaching the company in separate incidents.

On their dark leak sites, the threat actors Cl0p and ALPHV/BlackCat added the New York-headquartered Estée Lauder’s name to their growing list of victims.

Regardless of their claims, the cosmetic maker in its statement confirmed only one of the attacks saying that unknown hackers had accessed the company’s network and stolen some data.

Full details of the attack are yet to be known, but, on being aware of the incident, the company proactively took down the compromised system to prevent further infiltration. Now, it remains to be seen whether the company only suffered a data breach attack or if there was also a deployment of ransomware onto its network.

Cl0p ransomware gang claims to have 131GB of data in its possession. Whether or not this data came from its MOVEit Transfer supply chain campaign that adversely affected various organizations worldwide is yet to be confirmed.

Nevertheless, the MAC cosmetics owner confirmed the continuation of its investigation with third-party cybersecurity experts to understand the nature and scope of stolen data. It’s also coordinating with law enforcement agencies and has reported the incident in its Security Exchange Commission (SEC) filing.

Focused on remediation, Estée Lauder has already deployed measures to secure its network and business operations, including restoring the compromised system and services. ‘’The incident has caused, and is expected to continue to cause, disruption to parts of the Company’s business operations,’’ the statement read.

In 2020, the beauty giant had suffered a massive data breach of nearly 440 million records due to the exposure of an unprotected database. The database was said to contain email addresses of a company-owned education platform’s users.

Did you like this article? Rate it!
I hated it I don't really like it It was ok Pretty good! Loved it!
0 Voted by 0 users
Title
Comment
Thanks for your feedback
Please wait 5 minutes before posting another comment.
Comment sent for approval.

Leave a Comment

Show more...