Ransomware is a serious and growing issue in the modern age. Ransomware groups, ironically, are unlikely to take prisoners when it comes to stealing data. These hacking gangs infiltrate networks and then leverage the information stolen to extort money out of companies.
Estee Lauder Cyber Attack
Estée Lauder was the latest victim of a ransomware attack. The company is one of the world’s largest manufacturers of skincare, makeup, fragrance, and hair care products.
The global cosmetics giant revealed in a statement on the 18th of July that an unauthorized third party had gained access to some of the company’s systems.
The company stated that it is “focused on remediation, including efforts to restore impacted systems and services.” It added that “the incident has caused, and is expected to continue to cause, disruption to parts of the Company’s business operations.”
The company revealed that some data may have been stolen and some operations were shut down. An investigation into the security incident was launched by the company with the help of law enforcement and cybersecurity specialists.
Double Jeopardy: 2 Ransomware Groups Claim Responsibility
Estée Lauder was then listed on the data leak sites of two different ransomware groups. Both the BlackCat and CL0P ransomware groups have claimed responsibility. However, these were two separate cyber-attacks.
CLOP Ransomware
The CL0P ransomware group listed Estee Lauder on its data leak site with a message stating that “the company doesn't care about its customers; it ignored their security!!!”
An attached note claimed that the group stole more than 131GB of the company’s data.
The CLOP group seems to have exploited the vulnerability in the MOVEit Transfer platform to pull off this cyber-attack. The MOVEit cyber-attack affected more than 300 organizations worldwide.
BlackCat Ransomware
The second group claiming the Estee Lauder cyber attack is BlackCat – or ALPHV. The BlackCat ransomware gang went on to mock the company’s cybersecurity measures. The group taunted that it still had access to the network despite Microsoft and Mandiant’s security response.
According to Bleeping Computer, BlackCat also left the company a message stating it was unsatisfied with the company’s lack of response.
Sourced from Bleeping Computer
The BlackCat ransomware group claims to have stolen more than 130 gigabytes of Estee Lauder’s data but did not encrypt the network. The group has threatened to reveal the stolen data unless the company engages in negotiations.
BlackCat has hinted that the data they took could impact customers, company employees, and suppliers.
The group also went on to clarify that the Estee Lauder cyber attack was separate from the CL0P cyber-attack on the cosmetics company.
How Organizations Can Stay Prepared
The threat of ransomware can be a nightmare for most companies. Apart from the risk of financial and data loss, a ransomware attack can negatively impact a brand’s entire reputation.
This is why companies need to invest in the correct cybersecurity measures to prevent ransomware attacks in the first place.
Sangfor Technologies is a world-class cybersecurity and cloud computing company that offers intensive and advanced Anti-Ransomware prevention and state-of-the-art IT infrastructure.
Sangfor provides complete and holistic cybersecurity solutions for your company that will ensure you’re never a helpless victim of a ransomware attack.
Some of these platforms include an advanced Next-Generation Firewall (NGFW) integrated with Endpoint Security to identify malicious files at both the network level and endpoints and so much more.
For more information on Sangfor’s cyber security and cloud computing solutions, please visit www.sangfor.com.