Estee Lauder Ransomware Attack

The cosmetics giant, Estee Lauder, has become the latest victim of a serious ransomware attack. Investigations are under way to determine the source of attack but it is thought that it may have come from the supply chain.

Two well-known ransomware gangs, BlackCat and Clop, have claimed responsibility for the cyber-attack.

It appears that the Clop ransomware gang gained access to the company after exploiting a vulnerability in the MOVEit Transfer platform for secure file transfers.

Clop started leveraging the vulnerability when it was a zero-day vulnerability in late May and claimed to have breached hundreds of companies for data theft extortion.

On their data leak site, Clop mocked Estee Lauder’s cyber security measures, saying that they were still present on their network and stated that they have more than 131GB of Estee Lauder’s data.

Estee Lauder confirmed one of the attacks saying that a threat actor had gained access to some of its systems and may have stolen customer data.

Estee Lauder have warned that the incident would cause disruption to their business.

We wonder if Estee Lauder have informed their new ‘skincare partner,’ Manchester United, of their data breach? And will this impact their new partnership going forward?

Get in touch to find out how we can help improve the cyber security of your business. Or if you have any questions we are always happy to chat!