FullBeauty Brands Confirms 2025 Data Breach Affecting Over 1,100 Individuals
FullBeauty Brands, a major apparel company operating brands like Woman Within, Roaman’s, and ELOQUII, disclosed a data breach affecting at least 1,191 individuals after unauthorized access to its network between October 18 and November 19, 2025. The breach exposed names and Social Security numbers, with notifications sent to impacted individuals in Texas (1,185) and New Hampshire (6).
The ransomware group Everest claimed responsibility for the attack, leaking the stolen data on November 24, 2025, after FullBeauty allegedly missed a ransom deadline. FullBeauty has not confirmed Everest’s involvement, and the authenticity of the leaked data remains unverified. The company is offering affected individuals one year of free credit monitoring and identity theft protection via Experian.
Everest, active since 2020, has targeted high-profile victims, including NASA, the Brazilian government, and hospitals, before resurfacing in 2024 after a quiet period. In 2025 alone, the group claimed 15 confirmed ransomware attacks and 69 unconfirmed incidents, including a recent 343 GB data leak from Under Armour.
The breach highlights the growing threat of ransomware against retailers, with 23 confirmed attacks on U.S. retailers in 2025 compromising over 126,000 personal records. Such attacks disrupt operations, risk data exposure, and force businesses to choose between paying ransoms or facing prolonged downtime and fraud risks. FullBeauty Brands operates in New York City, Indianapolis, and El Paso, overseeing multiple fashion and lifestyle brands.
FULLBEAUTY Brands cybersecurity rating report: https://www.rankiteo.com/company/fullbeauty-brands
Founders Group International cybersecurity rating report: https://www.rankiteo.com/company/founders-group-international
"id": "FULFOU1769468199",
"linkid": "fullbeauty-brands, founders-group-international",
"type": "Ransomware",
"date": "6/2020",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '1191',
'industry': 'Retail, Fashion',
'location': 'New York City, Indianapolis, El Paso',
'name': 'FullBeauty Brands',
'type': 'Apparel Company'}],
'attack_vector': 'Unauthorized network access',
'customer_advisories': 'One year of free credit monitoring and identity theft '
'protection via Experian',
'data_breach': {'data_exfiltration': 'Yes',
'number_of_records_exposed': '1191',
'personally_identifiable_information': 'Names, Social '
'Security numbers',
'sensitivity_of_data': 'High (Social Security numbers)',
'type_of_data_compromised': 'Personally Identifiable '
'Information (PII)'},
'date_detected': '2025-11-19',
'description': 'FullBeauty Brands disclosed a data breach affecting at least '
'1,191 individuals after unauthorized access to its network '
'between October 18 and November 19, 2025. The breach exposed '
'names and Social Security numbers. The ransomware group '
'Everest claimed responsibility for the attack, leaking the '
'stolen data on November 24, 2025, after FullBeauty allegedly '
'missed a ransom deadline.',
'impact': {'brand_reputation_impact': 'Potential damage',
'data_compromised': 'Names, Social Security numbers',
'identity_theft_risk': 'High',
'operational_impact': 'Disrupted operations'},
'motivation': 'Financial gain, Data exfiltration',
'ransomware': {'data_exfiltration': 'Yes', 'ransomware_strain': 'Everest'},
'references': [{'source': 'FullBeauty Brands Disclosure'}],
'response': {'communication_strategy': 'Notifications sent to impacted '
'individuals',
'third_party_assistance': 'Experian (credit monitoring and '
'identity theft protection)'},
'threat_actor': 'Everest',
'title': 'FullBeauty Brands Data Breach Affecting Over 1,100 Individuals',
'type': 'Data Breach, Ransomware'}