Ransomware attack on cosmetics brand The Heat Group and BillTrust

    Australia’s popular cosmetics brand ‘The Heat Group’ is reported to have suffered a ransomware attack early this year. The Founder of the online makeup kits distributor Gillian Franklin endorsed the news and said that the cyber attack almost made her loose business and is estimated to have incurred $2 million in losses for the current financial year.


    Going by the details, Ms. Franklin was in London for a business meeting when she found that her online documents and files stored on an FTP server went missing and instead of a ransomware note demanding $40,000 in bitcoins was pasted to the database. 

    She tried to figure out the trouble with the Australian IT staff who confirmed that the database was encrypted with malware.


    The Heat Group which distributes some of the world’s biggest cosmetics brands like Ulta3, Bille Goat, MUD Makeup design and eyewear kits tried to negotiate with the hackers to free up data from the malware. But they learned that some of the encrypted data were deleted by hackers on an accidental note.


    MS. Gillian Franklin then asked her company staff to emphasize on recovering the data which was restored only after a month. And the company head estimates that financially the ransomware attack could have yielded heavy losses for the brand which sells at least 3 products every second.


    Meanwhile, in other news related to a ransomware attack, Business to Business payments provider BillTrust has made it official that its database was reigning under a ransomware attack since Oct 17th this year.


    The New Jersey-based financial startup claims that its staff is working round the clock to bring back the services online by this month-end and have partially succeeded in doing so by the end of last week via data backups.


    BillTrust is a cloud-based company that offers its customers the privilege to view invoices online, pay or request bills via email or fax.


    Steven Peinado, the CEO of BillTrust said that his staff became aware of the intrusion mid-last week. But aren’t sure when and how the malware entered the network.


    Note- A source from the BillTrust said that the company database was hit by BitPaymer ransomware. But this news is yet to be confirmed.

    Naveen Goud
    Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

    No posts to display