Cosmetics company Avon suffers a cyber incident

Cosmetics company Avon has reportedly suffered a cyber attack that interrupted some systems and partially affected operations.



The London-based cosmetics company filed a Form 8-K with the US Securities and Exchange Commission, informing investors of a cyber incident that affected normal operations. The initial form was filed on June 9, 2020, reportedly a day after the incident took place.

“Avon Products, Inc. (the “Company”) suffered a cyber incident in its Information Technology environment which has interrupted some systems and partially affected operations. The Company is evaluating the extent of the incident and working diligently to mitigate the effects, applying all efforts to normalize operations,” the form says.

Avon filed another Form 8-K on June 12, 2020, revealing that the systems affected in the cyber attack will soon be restored. It also explained that an investigation into the incident is still ongoing. While the company is currently unsure whether personal data has been exposed, it does not believe that credit card details have been affected, as such information is not stored on its main e-commerce website.

“Avon Products, Inc. (the “Company”), after suffering the cyber incident communicated on June 9, 2020, is planning to restart some of its affected systems in the impacted markets throughout the course of next week. Avon is continuing the investigation to determine the extent of the incident, including potential compromised personal data. Nevertheless, at this point it does not anticipate that credit card details were likely affected, as its main ecommerce website does not store that information,” Avon has said.

The company has not revealed extensive details about the nature of the cyber attack, but the Polish cybersecurity company Niebezpiecznik has received unofficial confirmation that Avon suffered a ransomware attack. The culprit is allegedly DoppelPaymer, a dangerous ransomware strain that targets big companies and organizations. The cyber criminals behind DoppelPaymer, along with the likes of the infamous Maze gang, not only encrypt files and demand money, but also steal files.

With more and more companies preparing to handle a cyber attack by backing up their data, ransomware gangs have switched tactics to adapt. Cyber crooks now steal files and threaten to publish the data if companies refuse to pay the ransom. For companies that handle sensitive data, having that data made publicly available could have catastrophic consequences. However, according to ZDNet, Avon is not among the companies named on the leak site managed by DoppelPaymer and 12 ransomware gangs.