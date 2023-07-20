BleepingComputer reports that U.S. multinational cosmetics company Estee Lauder was claimed to be compromised by the Cl0p and ALPHV/BlackCat ransomware gangs in separate attacks.
Cl0p has admitted to exfiltrating more than 131GB of data belonging to Estee Lauder, which it may have obtained through the widespread exploitation of a vulnerability in the MOVEit Transfer file transfer app that began in late May.
On the other hand, ALPHV/BlackCat disclosed on July 18 that it was able to infiltrate Estee Lauder's network despite protections offered by Mandiant and Microsoft's Detection and Response Team, and while none of its systems have been encrypted, it would divulge details regarding the data that may have been stolen from customers, suppliers, and employees should the cosmetics firm refuse negotiations.
One of the attacks has been confirmed by Estee Lauder to have resulted in the compromise of some of its systems and possible data theft but while its filing with the Securities and Exchange Commission noted that it has already acted to mitigate and investigate the attack, details regarding the specific intrusion have been lacking.
Increasing cybersecurity threats against the U.S. agriculture industry as indicated by the ransomware attack against JBS Foods two years ago have prompted Sens. Catherine Cortez Masto, D-Nev., and Mike Rounds, R-S.D., to introduce a pair of new bills aimed at bolstering the sector's cybersecurity posture, which have already been unveiled in the House, according to The Record, a news site by cybersecurity firm Recorded Future.
Officials at George County, Mississippi, have noted ongoing recovery efforts from a ransomware attack over the weekend that disrupted almost all of its government in-office computers, according to The Record, a news site by cybersecurity firm Recorded Future.