Estée Lauder Data Breach Investigation

Turke & Strauss LLP, a leading data breach law firm, is investigating Estée Lauder Companies Inc. regarding its recent data breach. The Estée Lauder data breach involved sensitive personal identifiable information belonging to an undetermined number of individuals.


Estée Lauder is a prestige cosmetics company specializing in makeup, skincare, perfume, and haircare products. In 1946, Estée Lauder was founded by Estée and Joseph Lauder with just four original products. Over the years, Estée Lauder has grown by developing existing brands and acquiring new ones, including Aveda, Bobbi Brown, Clinique, Too Faced, and MAC. Included in the products developed and manufactured by Estée Lauder are cleansers, mascaras, eyeshadows, colognes, and shampoos. Today, Estée Lauder is sold in approximately 150 countries and territories with $17.7 billion in total net sales.


Recently, Estée Lauder discovered that it had experienced a data breach in which the sensitive personal identifiable information in its systems may have been accessed. Through its investigation, Estée Lauder determined that an unauthorized actor may have accessed this sensitive information through a vulnerability in the MOVEit file sharing platform used by Estée Lauder. On July 18, 2023, Estée Lauder posted a notice on its website informing of the security incident. At present, the type of information exposed has not been made publicly available.

If you were affected by the Estée Lauder data breach:

We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at (608) 237-1775 or

If you were impacted by the Estée Lauder data breach, you may consider taking the following steps to protect your personal information.

  1. Carefully review any breach notice and retain a copy;
  2. Enroll in any free credit monitoring services provided by Harris County Hospital District d/b/a Harris Health System; 
  3. Change passwords and security questions for online accounts;
  4. Regularly review account statements for signs of fraud or unauthorized activity;
  5. Monitor credit reports for signs of identity theft; and
  6. Contact a credit bureau(s) to request a temporary fraud alert.

Share This Post: