Estée Lauder Hit by Cyber Attack: 131 GB Data Heist and Ransomware Threat
Estée Lauder Cos. Inc., a renowned beauty conglomerate, fell victim to a cyber attack that led to the theft of 131 GB of data and the partial shutdown of its systems. The attack was carried out by two groups, ALPHV/BlackCat and Clop, both claiming responsibility for the breach. The stolen data includes customer information, but the exact nature and extent of the compromised data have not been disclosed.
The ALPHV/BlackCat and Clop groups, which have been linked to other cyber attacks, posted Estée Lauder’s name on the dark web alongside other affected entities, including an airline and a comms regulator. It’s uncertain if Estée Lauder was among the 378 organizations and approximately 20 million individuals impacted by the breach via the file transfer tool, MoveIt.
The attackers made ransom demands, but Estée Lauder did not disclose their specific demands or intentions. The cyber attack has caused significant disruptions to the company’s operations, and it’s currently working with law enforcement to investigate the incident and mitigate the damages.
Ransomware attacks have become increasingly common, affecting various industries, including retail. Security vulnerabilities in software, phishing attacks on employees, and malware aimed at stealing sensitive data are common attack vectors used by cybercriminals.
As of now, Estée Lauder has not commented on the attack while the investigation is ongoing. The company faces the risk of more data leaks if they fail to meet the attackers’ demands. Other notable victims of similar attacks include Walmart, Ikea, McDonald’s, and numerous others, indicating the severity and widespread nature of such cyber threats in recent years.