The Estée Lauder Companies Inc.

A non-password-protected database that contained a massive amount of records totaling 440,336,852 was exposed.

Audit logs that contained a large number of email addresses in each document were accessible.

This company has been a household name for over 70 years and had an annual revenue of $14.863B in 2019.

Information including “User” emails in plain text (including internal email addresses from the @estee.com domain), and Production, Audit, Error, CMS, and Middleware logs were exposed.

References to reports and other internal documents were accessible

Source: https://securitydiscovery.com/estee-lauder/

"id": "THE2327201222",
"linkid": "the-estee-lauder-companies-inc",
"type": "Data Leak",
"date": "02/2020",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"