Two ransomware actors, ALPHV/BlackCat and Clop, have listed beauty company Estée Lauder on their data leak sites as a victim of separate attacks.
In a disgruntled message to the company, the BlackCat gang mocked the security measures, saying that they were still present on the network, writes Bleeping Computer*. “After becoming aware of the incident, the Company proactively took down some of its systems and promptly began an investigation with the assistance of leading third-party cybersecurity experts. The Company is also coordinating with law enforcement,” Estée Lauder commented in a press release*.
In a rare twist to the norm, two criminal gangs have taken advantage of the site’s vulnerabilities resulting in a site shut down and the inevitable theft of data as well. The stolen data is likely to be very sensitive and act as a strong weapon in targeted phishing attacks on more victims. MOVEit affected large numbers of organizations, but unrelated separate attacks on the same company add salt to the wound, especially at the same time.
These will highlight the immense control and power that cybercriminal gangs currently hold, but it can be mitigated by constantly improving protections and applying the patches immediately for any known vulnerabilities. The incident also highlights the importance of well-trained emergency plans to stop the damage from spreading as quickly as possible while maintaining maximum productivity.
*ESET does not bear any responsibility for the accuracy of this information.
ESET Ireland 