Beauty Plus Trading Co., Inc.

The Maine Office of the Attorney General disclosed a data breach targeting Beauty Plus Trading Co., Inc. on June 29, 2022, stemming from unauthorized hacking activity that occurred on May 14 and 15, 2022. The incident compromised sensitive financial data, including financial account numbers and credit/debit card details, potentially affecting 2,403 individuals. The breach involved external attackers gaining unauthorized access to the company’s systems, leading to the exposure of payment-related information. While the exact method of intrusion (e.g., phishing, exploit of vulnerabilities) was not specified, the focus on financial data suggests a targeted effort to exploit monetary assets or facilitate fraud. The compromised records could enable fraudulent transactions, identity theft, or secondary attacks on affected customers. The company likely faced reputational damage due to the exposure of financial records, alongside potential legal and regulatory scrutiny for failing to protect customer data. The breach underscores vulnerabilities in payment processing or data storage systems, necessitating remediation to prevent future incidents. No evidence suggested ransomware or broader systemic disruption, but the financial impact on affected individuals remains a critical concern.

Source: https://www.maine.gov/agviewer/content/ag/985235c7-cb95-4be2-8792-a1252b4f8318/10c9753e-b93e-4e76-8ff4-200214c5de77.shtml

TPRM report: https://www.rankiteo.com/company/beauty-plus-global

"id": "bea301091725",
"linkid": "beauty-plus-global",
"type": "Cyber Attack",
"date": "5/2022",
"severity": "60",
"impact": "2",
"explanation": "Attack limited on finance or reputation"

{'affected_entities': [{'customers_affected': '2,403',
                        'name': 'Beauty Plus Trading Co., Inc.',
                        'type': 'Company'}],
 'attack_vector': 'Unauthorized Access (Hacking)',
 'data_breach': {'number_of_records_exposed': '2,403',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Financial account numbers',
                                              'Credit/Debit card details']},
 'date_publicly_disclosed': '2022-06-29',
 'description': 'The Maine Office of the Attorney General reported a data '
                'breach involving Beauty Plus Trading Co., Inc. due to '
                'unauthorized access (hacking), potentially affecting 2,403 '
                'individuals. Compromised information included financial '
                'account numbers and credit/debit card details.',
 'impact': {'data_compromised': ['Financial account numbers',
                                 'Credit/Debit card details'],
            'identity_theft_risk': 'High (financial data exposed)',
            'payment_information_risk': 'High (credit/debit card details '
                                        'exposed)'},
 'references': [{'source': 'Maine Office of the Attorney General'}],
 'regulatory_compliance': {'regulatory_notifications': ['Maine Office of the '
                                                        'Attorney General']},
 'title': 'Data Breach at Beauty Plus Trading Co., Inc.',
 'type': 'Data Breach'}

Beauty Plus Trading Co., Inc.

Microsoft: Inside an AI‑enabled device code phishing campaign

Signature Healthcare Brockton Hospital: Brockton hospital hit by cybersecurity incident, services affected

Nonprofit: Cyberattacks surge as hackers target small businesses