All ransomware incidents
Ransomware group thegentlemen hits Carita
Carita — a not found target operating in FR has been listed by the thegentlemen ransomware group on 2026-07-10. The information below reflects what the threat actor has publicly claimed on their leak site; the details have not been independently verified.
Incident Report
| Target Organization | Carita |
|---|---|
| Threat Group | thegentlemen |
| Summary | ***.com zoominfo.com/c/carita/358348689 Carita is a prestigious French luxury skincare brand founded in 1945, renowned for its professional-grade beauty treatments and high-end cosmetics. Now part of L'Oréal's Luxury Division following its acquisition from Shiseido in 2022, the brand operates globally with a focus on exceptional skincare rituals and personalized beauty experiences. Available in over 130 countries, Carita combines innovative formulations with artisanal expertise, generating annual revenue in the range of $9-10 million for its core operations |
| Date of Breach | 2026-07-10 |
| Discovery Date | 2026-07-11 |
| Region | FR |
| Target Domain | carita.com |
| Business Sector | Not Found |
| Severity | MEDIUM |
Claim by thegentlemen
***.com zoominfo.com/c/carita/358348689 Carita is a prestigious French luxury skincare brand founded in 1945, renowned for its professional-grade beauty treatments and high-end cosmetics. Now part of L'Oréal's Luxury Division following its acquisition from Shiseido in 2022, the brand operates globally with a focus on exceptional skincare rituals and personalized beauty experiences. Available in over 130 countries, Carita combines innovative formulations with artisanal expertise, generating annual revenue in the range of $9-10 million for its core operations
Posted by the thegentlemen threat actor on its public leak site. This is the group's own statement and has not been independently verified by HackerFeeds.
Sources
Disclaimer
HackerFeeds does not engage in the exfiltration, downloading, taking, hosting, viewing, reposting, or disclosure of any stolen information. All breach data reported here is sourced from publicly available threat intelligence feeds for awareness purposes only.

