The fact that there has been a ransomware-based data breach is a bit ‘meh’ nowadays. I’m focusing instead on the statement made by the CEO which has the whiff of PR firm all over it: “around the clock”,”world-class technical experts” etc…:
Avon, a popular cosmetics company that sells door to door and online, experienced a data breach caused most likely by ransomware employed by a known hacker group. Sensitive personal data of 19 million customers was leaked, including names, home addresses and email addresses.
The breach is particularly dangerous as many of Avon’s customers are considered to be older and less tech savvy, ousting them at additional risk of phone and mail scams perpetrated using the leaked data.
Avon has issued multiple statements regarding the hack and has been engaging forensics teams to discover the cause of the leak and to shore up its information technology protocols. According to CEO Angela Cretu:
Our teams are working around the clock alongside the world-class technical experts to re-establish our affected systems.…We are in the process of determining whether personal information has been compromised, and we believe that credit card details were likely not affected as our main ecommerce website does not store that information. Should Avon confirm any suspicious activity affecting individuals’ data, we will notify affected individuals and take all appropriate action.1 Phil Muncaster, “Cosmetics Giant Avon Leaks 19 Million Records,” Infosecurity Magazine, July 28, 2020, https://bit.ly/3h1JVX6.2 Kate Cronin, “Northampton-based cosmetics giant Avon is KO’d by worldwide cyber-attack,” Northampton Chronicle & Echo, June 15, 2020, https://bit.ly/2FpGPhH.