Estee Lauder Reports Data Breach
Learn More
Estee Lauder disclosed a data breach incident where an unauthorized third party managed to compromise its cybersecurity and gain access to some of its systems on July 18. Upon discovering the breach, the company took down part of its systems and initiated an investigation with the help of leading third-party cybersecurity experts.
It's understood that the hackers were able to obtain some data from Estee Lauder's systems, but the company has not specified the nature or scope of the data that was compromised, impacted individuals nor the type of the attack.
The only hint currently available is the mitigation action - shutting down systems which is indicative of ransomware attack.
In response to the breach, the company is implementing measures to secure its business operations and is actively engaged in remediation efforts to restore affected systems and services.
The breach has already caused disruptions to parts of its business operations, and there is a possibility of continued disruption in the future.
Update - Two separate ransomware gangs - ALPHV/BlackCat and Cl0p - claim to have carried out attacks against Estee Lauder.
The BlackCat gang expressed their displeasure with the company's security measures, taunting them for their inability to remove the threat from their network. Interestingly, BlackCat mentioned that they did not encrypt any of Estée Lauder's systems, but they threatened to disclose further details about the stolen data if the company does not engage in negotiations. The stolen information is said to have the potential to affect customers, employees, and suppliers
Clop ransomware is believed to have breached Estée Lauder by exploiting a vulnerability in the MOVEit Transfer platform and also revealed that they possess over 131GB of the company's data.
