Estee Lauder has recently experienced a significant ransomware breach, joining the list of prominent companies targeted by attackers. Two groups have claimed responsibility for compromising the firm’s security.
The Estée Lauder Companies confirmed a ransomware attack in an SEC filing, stating that the attackers gained access to some of its systems, and data may have been stolen.
Estée Lauder: Hacked by two ransomware gangs
“After becoming aware of the incident, the company proactively took down some of its systems and promptly began an investigation with the assistance of leading third-party cyber security experts. The company is also coordinating with law enforcement.”
Estee Lauder stated that it is currently prioritizing remediation efforts, but they cautioned that the incident might cause disruptions to their business operations. The company also filed a similar statement with the Securities and Exchange Commission (SEC) regulator.
It is yet to be determined whether either of the threat groups involved in the attack deployed ransomware to the company’s network or focused on data theft-based extortion.
One screenshot was posted on Twitter, claiming that the Clop group possesses 131GB of data.
Clop, known for being responsible for the MOVEit campaign, which led to data theft and extortion from numerous organizations using the popular file transfer software. However, it has not been officially verified whether the compromise of Estee Lauder’s data originated from that particular supply chain attack.
According to the filing submitted to the SEC, Estee Lauder has emphasized its primary focus on remediation, which involves dedicated efforts to restore the affected systems and services.
The company also acknowledges that the incident has resulted in disruptions to various aspects of its business operations and anticipates that these disruptions may persist for a certain period.