ELCI A.I CyberSecurity Scoring
ELCI
Company Information
Website:http://www.elcompanies.com
Employees number:52,420
Number of followers:1,888,132
NAICS:32562
Industry Type:Personal Care Product Manufacturing
Homepage:elcompanies.com
ELCI Risk Score (AI oriented)
Between 600 and 649
ELCIPersonal Care Product Manufacturing
Updated:
13/07/2026
13/07/2026
618/1000
Poor
Caa
ELCI Global Score (TPRM)
xxxx
ELCIPersonal Care Product Manufacturing
Score locked

ELCIPoor
Current Score
618Caa (POOR)
01000
5 incidents
-32 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
667
Breach
10 Jul 2026 • ELCI
Estée Lauder Companies Inc.: Estée Lauder Data Breach Exposes Health Information and SSNs
Estée Lauder Major Data Breach Affecting Sensitive Customer Information
618
CRITICAL-49
THE1783960835
Estée Lauder Discloses Major Data Breach Affecting Sensitive Customer Information
Estée Lauder Companies Inc., a global leader in prestige beauty, has reported a data breach that exposed highly sensitive personal information. While the exact number of affected individuals in the U.S. remains undisclosed, the compromised data includes Social Security numbers, financial account details, credit and debit card information, government ID numbers, and health records.
Key details of the incident such as the attack method, timeline, and how the breach was detected have not been made public. The company filed a breach notification with the Vermont Attorney General on July 10, 2026.
Estée Lauder has indicated that impacted individuals will receive direct notifications in the coming weeks, outlining the nature of the breach, the specific data exposed, and any available resources. The company has also advised recipients to verify the legitimacy of any communications by contacting Estée Lauder directly through its official website rather than relying on unverified sources.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
JUNE 2026
667
MAY 2026
664
APRIL 2026
663
MARCH 2026
674
Cyber Attack
17 Mar 2026 • ELCI
Estée Lauder, Broadcom, Abbott Technologies, Oracle and Bechtel: Silence from the Corporate Giants: Four Companies Yet to Comment on Oracle EBS Hack
Oracle E-Business Suite Hack Leaves Four Major Companies Silent on Impact
659
CRITICAL-15
BROBECTHEORAABB1773750615
Oracle E-Business Suite Hack Leaves Four Major Companies Silent on Impact
A recent cyberattack targeting Oracle E-Business Suite (EBS) has disrupted organizations reliant on the platform for critical business operations, including finance, supply chain, HR, and procurement. While many companies have responded with public disclosures and mitigation efforts, Broadcom, Bechtel, Estée Lauder, and Abbott Technologies have yet to issue any statements, raising concerns about transparency and crisis management.
The breach exposes vulnerabilities in a widely used enterprise software suite, threatening the integrity of sensitive corporate and customer data. Security researchers and incident response teams are assessing the full scope of the compromise, with affected organizations working to determine exposure and prevent follow-on attacks.
In contrast to the silent four, other companies have taken proactive steps, including acknowledging the breach, implementing security measures, collaborating with cybersecurity firms, and notifying stakeholders. This approach is considered best practice in handling enterprise-wide software vulnerabilities.
The continued silence from Broadcom, Bechtel, Estée Lauder, and Abbott Technologies leaves stakeholders uninformed about potential risks, data protection efforts, and the companies’ cybersecurity commitments. The lack of disclosure may also invite regulatory scrutiny, particularly for publicly traded firms, while risking long-term reputational damage.
As cybersecurity incidents grow in frequency and severity, transparent communication is increasingly seen as a corporate obligation both for stakeholder trust and legal compliance. The absence of updates from these four companies underscores a critical gap in modern incident response policies.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
FEBRUARY 2026
673
JANUARY 2026
670
DECEMBER 2025
751
NOVEMBER 2025
750
OCTOBER 2025
748
SEPTEMBER 2025
747
AUGUST 2025
746
JUNE 2025
736
Ransomware
16 Jun 2025 • ELCI
Broadcom
Cl0p Exploits Zero-Day Vulnerabilities in Oracle E-Business Suite Leading to Massive Data Breaches
649
CRITICAL-87
BRO3105131112625
Broadcom, a global technology leader valued at hundreds of billions, was among the high-profile victims of Cl0p’s ransomware attack exploiting a zero-day vulnerability in Oracle’s E-Business Suite (CVE-2025-61882 and CVE-2025-21884). The cybercriminal group exfiltrated sensitive corporate and customer data, threatening to leak or sell it unless a ransom was paid. The breach compromised critical systems, risking financial records, proprietary business data, and third-party customer information. Cl0p’s extortion tactics included warnings of public disclosure on their blog, torrent leaks, or sales to malicious actors, amplifying reputational and operational risks. Given Broadcom’s role in semiconductor and infrastructure technology, the attack posed supply chain cascading risks, potentially disrupting clients reliant on its products. Oracle issued emergency patches, but the damage—including data theft, potential regulatory fines, and erosion of stakeholder trust—had already occurred. The incident underscores vulnerabilities in enterprise software dependencies, with Broadcom facing long-term financial and strategic repercussions if the stolen data is weaponized.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
JULY 2023
764
Breach
11 Jul 2023 • ELCI
The Estée Lauder Companies Inc.
Estée Lauder Companies Inc. Data Breach
705
CRITICAL-59
THE313080425
The Washington State Office of the Attorney General reported that The Estée Lauder Companies Inc. experienced a cyberattack on July 11, 2023, affecting approximately 150,535 Washington residents. The breach involved unauthorized access to personal information, including names, dates of birth, email addresses, and passwords, with the notification made on August 31, 2023.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
MAY 2023
807
Breach
01 May 2023 • ELCI
The Estée Lauder Companies Inc.
Data Breach at The Estée Lauder Companies Inc.
762
MEDIUM-45
THE409072625
The Maine Office of the Attorney General reported a data breach involving The Estée Lauder Companies Inc. on October 19, 2023. The breach occurred between May 30 and June 1, 2023, due to an external system breach affecting files transferred through Progress Software's MOVEit Transfer, compromising the driver's license number and Social Security number of 3 individuals, including 1 resident of Maine.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for ELCI ??
What was ELCI's A.I Rankiteo Cyber Score in June 2026 ??
What was ELCI's A.I Rankiteo Cyber Score in May 2026 ??
What was ELCI's A.I Rankiteo Cyber Score in April 2026 ??
What was ELCI's A.I Rankiteo Cyber Score in March 2026 ??
What was ELCI's A.I Rankiteo Cyber Score in February 2026 ??
What was ELCI's A.I Rankiteo Cyber Score in January 2026 ??
What was ELCI's A.I Rankiteo Cyber Score in December 2025 ??
What was ELCI's A.I Rankiteo Cyber Score in November 2025 ??
What was ELCI's A.I Rankiteo Cyber Score in October 2025 ??
What was ELCI's A.I Rankiteo Cyber Score in September 2025 ??
What was ELCI's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on ELCI's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with ELCI ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view ELCI's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?