440,336,852 documents exposed in Estée Lauder hack


Estée Lauder has seen more than 440 million internal records exposed in a massive data breach, according to reports from Security Discovery.

A cyberattack exposed 440,336,852 records containing swathes of internal emails in the latest instance of a major hack on a retailer.

Despite the large quantity of data jeopardised in the attack, Estée Lauder says no there was no evidence consumer records or payment details were at risk.

The cosmetics giant also assured consumers and its subsidiary brands that most of the data came from an internal “education platform”.

READ MORE: £111,000 taken from hundreds of customers in Currys PC World Ebay hack

Security experts did warn that millions of documents related to ‘middleware’, which could enable hackers to access more sensitive data in future.

“There were millions of records pertaining to middleware that is used by the Estée Lauder company,” Security Discovery’s data analyst Jeremiah Fowler, who discovered the breach, said.

“Middleware is software that provides common services and capabilities to applications outside of what’s offered by the operating system. Data management, application services, messaging, authentication, and API management are all commonly handled by middleware.

“Another danger of this exposure is the fact that middleware can create a secondary path for malware, through which applications and data can be compromised. In this instance anyone with an internet connection could see what versions or builds are being used, the paths, and other information that could serve as a backdoor into the network.”

Click here to sign up to Charged free daily email newsletter



Leave a Reply

Your email address will not be published. Required fields are marked *

Fill out this field
Fill out this field
Please enter a valid email address.