Cosmetics giant Estée Lauder has disclosed a data breach just as two ransomware groups made claims about stealing vast amounts of information from the company.
In a statement issued on July 18, Estée Lauder said it suffered a cybersecurity incident. The company admitted that an unauthorized third party gained access to some of its systems and obtained data.
The nature and scope of the compromised data is still being assessed, but the company has called in outside cybersecurity experts to assist with the investigation and has notified law enforcement.
“During this ongoing incident, the Company is focused on remediation, including efforts to restore impacted systems and services. The incident has caused, and is expected to continue to cause, disruption to parts of the Company’s business operations,” Estée Lauder said.
Two notorious cybercrime groups claim to have targeted the company. One of them is the Cl0p ransomware gang, which claims to have stolen more than 130 gigabytes of information through the MOVEit hack, which has impacted more than 300 organizations worldwide.
The second cybercrime group is the BlackCat/Alphv ransomware gang, which on July 18 claimed that they still had access to the company’s systems, despite Microsoft and Mandiant being called in for incident response.
BlackCat hackers said they had not received any response from the company and threatened to reveal more information about the stolen files unless the cosmetics giant responds.
This group clarified that their breach is separate from the MOVEit attack carried out by their ‘colleagues’ at Cl0p.
This is not the first time Estee Lauder has suffered a data breach. Back in 2020, a researcher discovered that the company had left 440 million records exposed to the internet in an unprotected database.
Ransomware attacks are no challenge to us at BLAKFX as we have set out to eliminate ransomware as a threat…Period.
Our mission for 2023 is to eliminate ransomware damage.
There is no organization in any sector that is safe from ransomware except those that utilize Helix22 data security SDK.
In Math We Trust
Ransomware Auditing as a Service (RaaS): as ransomware attacks have skyrocketed, they have come to represent the biggest threat to the data of government agencies, military, intelligence agencies as well as private enterprises. BLAKFX developed the first in the world Ransomware Auditing as a Service (RaaS) platform which allows our cyber security engineers to scan your network and simulate real-world ransomware attacks to test the prevention, detection and mitigation strategies of your organization and establish how resilient your network is to real ransomware attacks. After the scan we provide a comprehensive report and our recommendations for remediation.
If you are the victim of an actual ransomware attack, we are able to recover the data that has been hi-jacked during the attack and due to Helix22’s patented DNA BindingTM cryptography, restore it to its original state.
We can make this restoration claim as the tech engineers at BLAKFX invented and holds multi-patents on a genuine device2device (D2D) encryption. We manage data security transmission through the truly brilliant and also patented universal Helix22 key service. The Helix22 encryption originates on your network or device, not just when the app is opened. This means, that when data arrives to our key server, it is already encrypted so all it needs to do is issue another key. Signal and Telegram cannot claim this level of security. This key will then only work with the intended device, which generates a matching key required to open the data. In this protocol, we are truly a “zero-knowledge” server so your communications and transmissions remain completely top secret. Even in the event that BLAKFX were subpoenaed, we can honor the request by just handing over the encrypted content…as that is literally all we have. Helix22 also only use keys just one-time and then destroys them. This way the data security is future forward prefect. Therefore, in our unique device-to-device encryption (D2D) world, there is no opportunity at all for any data leak.
This same protocol just described, can be the same with all your 3rd party vendors and suppliers. It does not matter in the least what platform they are running or what device they are using or even the type of data, it is all 100% protected. We do however, strongly advise that all firms involved be utilizing Helix22 due to the nature of the data content. Helix22 can ensure that whatever data they are generating is protected as well.
Let’s take it a step further. Even if your organization were a victim of an internal attack or a victim of malicious open source downloads, there is no reason for concern. Any data that has been forwarded, downloaded, copied or saved cannot be exfiltrated. Period. We have the technology industries foremost data packets which are protected with multi-layered, military grade encryption algorithms that have already proven the ability to withstand penetration testing from MI5 and quantum computing attacks.
One final practical genius of DNA BindingTM is in that it is immediately compatible with whichever system or software you are utilizing. Therefore, any organization can forward information to another and then discuss it and there is immediate privacy.
Finally, the Helix22 encryption is quantum computing ready so no need to redo all your data security methodologies in a couple of years when everything else becomes obsolete.
In the BLAKFX data security world, ransomware or any other data centric attack cannot have any affect on your systems or data.
The Helix22 data security SDK accomplishes the following:
- Protects all your firms data at rest, in use and in transit
- Renders ransomware threats obsolete
- Eliminates human error
- Eliminates all malicious or interior attacks
- Verifies original content i.e. minimizes the threat of impersonation attacks and deep fakes
- Reduces latency
- Installs with 5 lines of code
- Runs on any platform, network, device and in any programming language i.e. Internet of Things enablement
- Provides perfect future/forward secrecy
- Delivers “zero-knowledge” encryption
- Perfect security when utilizing all SaaS products
- Compatible with all cloud, 3rd party and vendor services
- Secures the Internet of Things by providing protection at the Edge with ultra low latency
- Ensures privacy and security for blockchain and all cryptocurrency transactions
- Is quantum ready – so there’s no need to upgrade when the time comes
- Requires no employee training
- Exceeds all gov’t and banking standards
- Meets compliance regulations
BLAKFX is Based on Success
Our founders, Robert Statica PhD and Kara Coppa, also founded Wickr, which is used by the US military and has never been hacked since its inception in 2012. The Helix22 data security SDK is several generations enhanced since then. Dr. Statica also delivered the encryption for the world’s most secure phone, Katim.
Founder – Robert Statica PhD Founder – Kara Coppa
Co-Founders of Wickr KatimTM Ultra Secure Smartphone
Helix 22 – Zero Risk