Avon faces new cyber security threat following hack back in June
Avon recently reported its systems were interrupted due to a cyber security compromise back in June, with a second admission of still trying to restore some of its affected systems 3 days later. While no public statements were made defining the source of the outages, it is speculated to have been a Ransomware Attack by a hacking group identifying as DopplePaymer. Avon have released no confirmation of leaked customer data as of yet. The systems effected are reported to be isolated to Avon U,K Poland, Argentina, Brazil and Romania. If you’re a customer of Avon, or an Avon sales person, we strongly recommend a change of password not only on the Avon systems but also any other platforms you may have used your original Avon password to practice a good standard of cyber security.
The bad news seems to keep on coming for Avon though, as on July 29th, Anurag Sen of SafetyDetectives discovered one of Avon’s “Microsoft Azure” servers had been left visible to the public with extremely poor cyber security, as it was reported to have been no password requirements to access the data on the server, nor were there any forms of encryption of the data. Data therefore publicly available was not only infrastructure insights, but also client PII (Personally Identifiable Information) including; full names, phone numbers, birth dates, email address, home address, GPS coordinates, and payment amounts.
If the hack back in June wasn’t reason enough to consider your cyber security and change commonly used passwords, this certainly should be. If you’ve ever affiliated with Avon, even so much as signed up for a newsletter, we cannot stress enough how important it is to stay vigilant. Once a cyber criminal knows your personal details they can use them to try hacking other websites such as your email accounts granting access to all other online accounts, including your online banking accounts.
Stay safe, never let your cyber security guard down, and if in doubt, please reach out to us.