Estée Lauder, a multinational cosmetics company, has confirmed that it experienced a cyber attack in which hackers were able to steal data from its systems. The ALPHV ransomware group claims responsibility for the attack and revealed that another hacker group, CL0p, was also involved.
In a post on the dark web portal of the ALPHV group, they stated that they breached Estée Lauder’s systems but did not encrypt the network, allowing the company to still access its systems and data. The hackers mentioned that the data they stole was valuable and that CL0p had also accessed the company’s systems. However, they were not aware of any data stolen by CL0p.
ALPHV made their ransom demands separate from CL0p to distinguish themselves and clarify this to Estée Lauder. They shared a screenshot showing a file size of 131GB, suggesting that they had stolen data of that size from the cyber attack.
The Cyber Express reached out to Estée Lauder for a statement regarding the hacker’s claims and is waiting for a response. At the time of writing, Estée Lauder’s website was accessible.
It is unclear which hacker group’s attack Estée Lauder was referring to when they confirmed the cyber attack. The company stated that hackers obtained some data from its systems and that the incident had disrupted parts of its business operations. Estée Lauder expects further disruption due to the cyber attack and is still assessing the extent of the impact.
The company’s Chief Information Officer, Michael Smith, and his team are collaborating with law enforcement agencies to investigate the cyber attack. In order to prevent further damage and mitigate risks, parts of Estée Lauder’s systems have been taken down.
The CL0p ransomware group has previously targeted various organizations, including the MOVEit File Transfer cyber attack, which affected around 378 organizations and service providers catering to over 3,000 educational institutions in the United States. This included the National Student Clearinghouse and the Teachers Insurance and Annuity Association of America, which suffered data loss and impacted educational research and retirement record maintenance.
This report is based on internal and external research, and the information provided is for reference purposes only. Users should exercise caution and bear full responsibility for their reliance on this information. The Cyber Express assumes no liability for the accuracy or consequences of using this information.