Estee Lauder, a popular cosmetics company, confirmed it was the victim of the MOVEit hack dubbed a global cybersecurity incident.
The MOVEit file transfer sharing service used by small and large companies, government entities and agencies, schools, hospitals, and more was recently hacked by the Russian-based Cl0p ransomware group.
The hackers have been publishing sensitive data en-masse since June 14. Going against the norm, a second hacker group with ties to Russia, BlackCat, is also claiming credit for the attack, posting its own leaked information via social media.
The gang claims to have stolen 131GB of data and the company’s archives.
“Based on the current status of the investigation, the Company believes the unauthorized party obtained some data from its systems, and the Company is working to understand the nature and scope of that data,” Estee Lauder said. The full details of the significant amount of data at ransom aren’t known.
Responding quickly, Estee Lauder acted proactively by taking down certain systems and working with cybersecurity experts in launching an investigation. The company stated the attack was expected to continue disrupting their business operations, likely affecting business partners, customers, and even employees.
“This disclosure by Estee Lauder raises a lot of questions about how severe the breach was and what sensitive or confidential data is at risk,” said Lio Yaari, CEO and co-founder of Grip Security.
Estee Lauder marks the second major cosmetics company to be hit by the ransomware gang, following the multi-level marketing company, Mary Kate Cosmetics. Other major victims of the hack include Shell Global, AutoZone, The government of Nova Scotia, universities across America, and more than 400 organizations.
The MOVEit attack continues to have long-reaching consequences, as governments and companies are racing to strengthen their cybersecurity defenses, including new cybersecurity training programs, agencies, and consumer protection laws being created.