Estee Lauder Data Breach (2020)

A non-password protected cloud database containing hundreds of millions of customer records and internal logs for cosmetic giant Estée Lauder has been found exposed online, according to researchers. In all, 440,336,852 individual data pieces were exposed, according to researcher Jeremiah Fowler at Security Discovery. Many of the records importantly contained plaintext email addresses (including internal email addresses from the @estee.com domain). There were also reams of logs for content management systems (CMS) and middleware activity. Fortunately, there was no payment data or sensitive employee information included in the records that Fowler saw.