Avon, the world’s leading cosmetics and skincare company, has suffered a Cyber-Attack.

At least that’s what both filed reports with the US Securities and Exchange Commission (SEC) prove in the past few days. 

Reports called Form 8-K filings (catchall category known as Other Events) are used to notify investors and stakeholders about unplanned issues affecting the company.

The first report was ever submitted by the company on 09 June 2020. The next one was filed on June, 12.

They stated a “cyber incident that interrupted their systems and operations.”

What Exactly Happened to Avon? 

The incident is being evaluated by the company itself, and intend to avoid long-lasting effects of the services on affected markets (Argentina, Brazil, Poland, UK, and Romania). 

So far, the investigation shows no leaks of credit card details or similar negatives, because their eCommerce store doesn’t store this type of information…

But it’s confirmed that the cyber-attack was executed exploiting Avon’s back-end of the server.

The Brazilian multinational keeps “hiding” the entire details to distributors, customers, and even from the press. 

Of course, this couldn’t be kept as a secret for so long. Niebezpiecznik, the Polish cybersecurity company points to a “Ransomware” threat.  

They tweeted the suspicious of this issue starting in March, worrying staff about data leakages.

It was also mentioned that the DopplePaymer ransomware was behind the responsible for this attack.

Niebezpiecznik Avon Tweet
“Something bad happened at Avon. Staff and consultants are worried that their data was leaked. The issues may have started in mid-March.”

“Update. We’ve “confirmed” (not officially because we haven’t yet heard back from an official source) it’s ransomware. (DoppelPaymer.)”

Have you seen/read/heard the name DoppelPaymer before? 

They’re one of the 13 ransomware gangs (as Maze) scrambling people’s data to then post it into a leak site. In this case, they start stealing copies of it. 

It’s an extorsion where you have to pay for three unavoidable reasons:

  1. You pay for the decryption key, to get everything back.
  2. You pay for them to keep your data private (privacy and customer’s reputation).
  3. You pay to keep them shut of alerting the authorities of your data breach (which may cost you some expensive fines).

So far, luckily to Avon’s customer, their data files haven’t been published on the leaking site.

Can This Happen to You? 

No-one still knows for sure if it was Ransomeware what Avon experience, but we’re definitely sure that this can happen to you, in so many different ways.

Meaning, this isn’t much about Avon itself, but how their vulnerabilities can teach us something.  Here you have a few quick ways to avoid it in the near future…

  • The broken record: Pick a better password… Make it impossible for them to guess your password with advanced tools. Use 2FA (Two-factor Authentication every time) and try KeePass or LastPass when they’re too long or complicated to remember. 
  • Keep all your system’s entrance private and well-protected. Don’t wait until its too late and receive the consequences an attack, to fully optimize your cybersecurity.
  • Be aware of warnings to know if it’s too late or if you’re on time. There have been thousands of recorded times when hackers fail their attempt, leaving signs behind. ALSO: Patch/Update everything, very frequently. 

After all, It’’s worth mentioning that hackers/cybercriminals can get their way in, almost every time, depending on the reward they seek. This is true if the right protection isn’t taken.

if your business has a lot to lose, then let me tell you the good news: MyITGuy is here to protect you against any intrusive threat.

Security and Peace of mind guaranteed 24/7.