Cosmetics Store Lush Hacked — Again

Nearly a month after hackers went after natural cosmetics brand Lush and exposed thousands of customers’ bank details, the company was struck again by a cyber attack that compromised its Australian and New Zealand websites.

Herald Sun reported that Lush yesterday sent an email to customers, urging those who had placed an online order with the company to contact their bank to discuss canceling their credit cards.

“While our website is not linked with the Lush UK website, it appears the Australian and New Zealand Lush sites have also been targeted,” the letter read. “As a precautionary matter, we have removed access to our website while we carry out further security checks.”

Lush Australasia director Mark Lincoln told ABC News Online the company’s online customer database had been stolen, and the outdated website left customers exposed to the cyber attack.

“The code that the website was written in was a very old version and it hadn’t been updated, so it was a legacy from that code,” he told ABC News Online.

ExecutiveBiz Logo

Sign Up Now! ExecutiveBiz provides you with Daily Updates and News Briefings about Government Cloud


Written by Admin

Lynn Talks Pentagon's Cyber Plan at RSA Conference
Executive Mosaic Names Stephanie Hill, EVP of Rotary and Mission Systems at Lockheed, to 2022 Class of Wash100 Award for Securing Major Military Contracts, Advancing Engineering & JADO Capabilities - top government contractors - best government contracting event
Executive Spotlight: Paul Smith of Red Hat