Estée Lauder claims to have been infiltrated by two groups, making it the latest major company to apparently suffer a serious ransomware breach.
Twitter security researchers say the cosmetics giant was posted on leak sites for both the Alphv/BlackCat and Clop ransomware gangs.Researcher Dominic Alvieri was the only one Many people cite the news.
For more information on ransomware, see Clop Starts MOVEit Extortion as New Bug is Discovered.
The post appears to have been published on Tuesday, July 18th.
New York-based Estée Lauder, whose portfolio includes brands such as DKNY, Jo Malone, Tommy Hilfiger and Aveda, issued a brief statement today.
It said an unauthorized third party had accessed parts of its system.
“After becoming aware of the incident, the company proactively shut down some of its systems and immediately launched an investigation with the assistance of leading third-party cybersecurity experts,” the statement continued.
“The company is also working with law enforcement agencies. Based on the current state of the investigation, the company believes that unauthorized persons obtained some data from our system, and we are unsure of the nature and scope of that data. We are working to understand.”
Estée Lauder said it would focus on repairs for the time being and warned that the incident would disrupt its business. A similar statement was also filed with the Securities and Exchange Commission (SEC) regulator.
It is not yet known which threat group deployed ransomware on corporate networks or focused on extortion based on data theft.
A screenshot posted on Twitter Kropp Group claims I have 131GB of data.
Klopp is famous for being behind the MOVEit campaign, which used popular file transfer software to steal data and extort numerous organizations. Estee has yet to confirm whether his loader data breach was due to its supply chain attack.
“Although the full details are still unknown, this is yet another example of a cyberattack causing widespread disruption across corporate operations,” asserted CyberSmart CEO Jamie Akhtar.
“Given the nature of the breach, it is quite possible that this, like many recent articles, originated in the Estée Lauder supply chain.”
Image credit: salarko / Shutterstock.com
