Ransomware victim disclosure
← All victimsGroupe Clarins
Claimed by Everest · listed 10 months ago
Status timeline
- ListedSep 14, 2025
- Data leakeddate unknown
At a glance
- Group
- Everest
- Status
- Data leaked
- Country
- France
- Sector
- Consumer Services
- Listed on leak site
- Sep 14, 2025
About the victim
AI dossier — public-source company profileGroupe Clarins is a French family-owned luxury beauty company founded in 1954, recognised as a leader in skincare and make-up. The group operates in nearly 150 countries under brands including Clarins and myBlend, and holds B Corp certification reflecting its sustainability commitments.
- Industry
- Luxury Skincare & Cosmetics
- Address
- Paris, France
- Employees
- 1001-5000
- Founded
- 1954
Attack summary
Severity: high — Data has been confirmed published (data_published status) by the threat actor, indicating actual exfiltration and release of Groupe Clarins internal database data. A multinational consumer brand of this scale likely holds significant volumes of customer PII, employee records, and business-sensitive data, warranting a high severity rating.The Everest ransomware group claims to have published a database belonging to Groupe Clarins, with the disclosure status marked as data_published, indicating exfiltration and public release of company data.
Data the group says was taken
AI dossier — extracted from the leak post- Company database
Original description
AI-summarised, not from the leak postGroupe Clarins is a French luxury cosmetics company, which develops skincare, makeup and fragrances products. Founded in 1954 by Jacques Courtin-Clarins, the company originally began as a small Parisian beauty institute. Today, the company is present worldwide, known for its plant-based high-end skincare products. In 2018, it was ranked first for high-end facial skincare brands in Europe.
The leak post
captured from the group's site© 2026, All rights reserved Citizens Bank - Database Leaked Evaluate a Norstella company - Database Leaked Studio Marchi - Studio Professionale Associato - Database Leaked Super AI - Database Leaked Complete Aircraft Group - Database Leaked Umiles Group - Database Leaked K Subsea Group - Database Leaked Parque Eólico Toabré - Database Leaked PT Brantas Abipraya - Database Leaked Straight Line Logistics - Database Leaked First Priority Group - Database Leaked Hyundai Elevator - Database Leaked UD Trucks - Database Leaked McDonalds India - Database Leaked Tsunami Tsolutions - Database Leaked Atlas Air: MUSE INSECURE - Database Leaked Iron Mountain - Database Leaked Hosowaka Micron Group - Database Leaked Shinwa Co Ltd - Database Leaked SIGMA Processing Group - Database Leaked Acu Trans Solutions LLC - Database Leaked GIBSIN Engineers - Database Leaked ASRock Rack - Database Leaked Reeves Information Technology - Database Leaked WANCHI STEEL INDUSTRIAL - Database Leaked GC Accounting - Database Leaked National Money Mart Company - Database leaked Virginia Records - Database Leaked Morgan Records Management - Database leaked ELC Electroconsult SpA - Databas…
Sources
Source
Indexed 10 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

