Lush customer details stolen by hackers

By

Credit card details stolen.

The UK web site for cosmetics company Lush has fallen victim to hackers.

Lush customer details stolen by hackers

The hack affected customers who made purchases from the site between 4 October 2010 and 20 January 2011 and hackers are continuing to try and break into the site.

As a result, Lush has emailed its customers to inform them of the attack and shut down the website entirely, setting up a temporary online shop which accepts PayPal transactions.

“Our website has been the victim of hackers,” the online statement read. “24 hour security monitoring has shown us that we are still being targeted and there are continuing attempts to re-enter.”

“We refuse to put our customers at risk of another entry - so have decided to completely retire this version of our website.”

The statement also included a note addressed to the hacker, which said: “If you are reading this, our web team would like to say that your talents are formidable. We would like to offer you a job - were it not for the fact that your morals are clearly not compatible with ours or our customers.”

The Australian arm of Lush has assured customers that no credit card details of customers that shop at the lush.com.au store have been compromised.

"Our web site is not affiliated with the Lush UK web site," a spokesman told iTnews.

The British attack compelled Lush's local arm to have its web properties "reviewed and tested by our IT Company," the spokesman said, which was given a clean bill of health.

"Our website has not been victim to hackers during the period of October until now and is safe."

This article originally appeared at itpro.co.uk

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © ITPro, Dennis Publishing
Tags:

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Victoria's Secret pulls down website amid security incident

Victoria's Secret pulls down website amid security incident

China blamed after cyberattack hits Czech Republic

China blamed after cyberattack hits Czech Republic

Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames

Log In

  |  Forgot your password?