Customers defrauded after Lush website hack

Tweet

Lush forced to close down its website due to a security breach with hackers stealing customer's card details.

The company sent an email statement to customers last week outlining the incident and urging them to contact their banks.

Lush has taken down its website altogether "Our website has been the victim of hackers," Lush said. "Twenty-four-hour security monitoring has shown us that we are still being targeted, and there are continuing attempts to re-enter. We refuse to put our customers at risk of another entry — so have decided to completely retire this version of our website."

The incident affected customers who placed online orders between 4 October, 2010 and 20 January, 2011, according to Lush. Orders placed in Lush's shops or via telephone are not affected.Some security experts have questioned Lush's timing in notifying customers of the breach. The company has acknowledged that it discovered the issue in late December, yet affected transactions include ones placed in January.

Your name:
Comment:
	Enter the characters from the image above