Beauty Industry Group (BIG) Targeted by Lockbit2 Ransomware Group

The Beauty Industry Group (BIG), a multi-brand, multi-channel platform offering both professional and do-it-yourself hair extension products, has been targeted by the Lockbit2 ransomware group. The company, founded in 2004 and headquartered in Salt Lake City, Utah, employs over 500 people worldwide and serves customers globally.

BIG curates a portfolio of more than a dozen independent brands catering to both professional and direct-to-consumer beauty markets across the globe. The company is known for its commitment to continuous innovation and corporate responsibility, with a focus on kindness and ethical conduct.

The Lockbit2 ransomware group claimed the attack on BIG's website, which is http://www.beautyindustrygroup.com/. The attack has not been confirmed by the company, and no further details about the nature of the attack or the extent of the damage have been disclosed.

Vulnerabilities and Mitigation

The beauty industry has been a target for cybercriminals in recent years, with ransomware attacks on companies like Estée Lauder and other cosmetics giants. To mitigate the risks of ransomware attacks, companies should focus on improving their cybersecurity posture, including:

• Regularly updating software and systems to patch known vulnerabilities.
• Implementing multi-factor authentication to secure access to sensitive data.
• Conducting regular security audits and penetration testing to identify potential weaknesses.
• Educating employees about the risks of phishing and other social engineering attacks.
• Backing up critical data and maintaining offsite backups to minimize the impact of data loss.

By addressing these vulnerabilities and implementing robust cybersecurity measures, companies can reduce their risk of falling victim to ransomware attacks.

Sources

• Beauty Industry Group (BIG) website: https://www.beautyindustrygroup.com
• Heat Group founder hit by $2 million cyber attack: https://www.smh.com.au
• BlackCat and Clop gangs both claim cyber attack on Estée Lauder: https://www.computerweekly.com
• Cosmetics Giant Estée Lauder Targeted by Two Ransomware Groups: https://www.securityweek.com
• Beauty Industry Retailer Receives Cybersecurity Makeover: https://www.vectra.ai