Cosmetics giant Estée Lauder has disclosed a data breach just as two ransomware groups made claims about stealing vast amounts of information from the company.
In a statement issued on July 18, Estée Lauder said it suffered a cybersecurity incident. The company admitted that an unauthorized third party gained access to some of its systems and obtained data.
The nature and scope of the compromised data is still being assessed, but the company has called in outside cybersecurity experts to assist with the investigation and has notified law enforcement.
“During this ongoing incident, the Company is focused on remediation, including efforts to restore impacted systems and services. The incident has caused, and is expected to continue to cause, disruption to parts of the Company’s business operations,” Estée Lauder said.
Two notorious cybercrime groups claim to have targeted the company. One of them is the Cl0p ransomware gang, which claims to have stolen more than 130 gigabytes of information through the MOVEit hack, which has impacted more than 300 organizations worldwide.
The second cybercrime group is the BlackCat/Alphv ransomware gang, which on July 18 claimed that they still had access to the company’s systems, despite Microsoft and Mandiant being called in for incident response.
BlackCat hackers said they had not received any response from the company and threatened to reveal more information about the stolen files unless the cosmetics giant responds.
This group clarified that their breach is separate from the MOVEit attack carried out by their ‘colleagues’ at Cl0p.
This is not the first time Estee Lauder has suffered a data breach. Back in 2020, a researcher discovered that the company had left 440 million records exposed to the internet in an unprotected database.
Related: Japan’s Nagoya Port Suspends Cargo Operations Following Ransomware Attack
Related: TSMC Says Supplier Hacked After Ransomware Group Claims Attack on Chip Giant
Related: Ransomware Gang Takes Credit for February Reddit Hack