Daily cyber threats and internet security news: network security, online safety and latest security alerts
February 15th, 2011

LUSH Websites In Australia And New Zealand Breached, Hackers Stole Customers Billing Details

LUSH Cosmetics, a company selling handmade cosmetics products, has shut down its websites in Australia and New Zealand after hackers breached them and stole customer billing details. LUSH Cosmetics was started in the UK in 1994 and now has 600 stores in 43 countries, including US, Canada, Australia and New Zealand.

The company has advised people who placed online orders on any of the two websites, to contact their banks and discuss cancelling their credit cards to prevent abuse. This new data breach comes after last month LUSH UK announced that hackers stole payment information from its website.

A lot of customers reported fraud on their cards following the incident, which, according to messages posted on the LUSH AUSTRALASIA’s page, has started happening now too. Meanwhile, LUSH points out that the Australian and New Zealand websites have nothing in common with the UK one, except for all of them being targeted.

“As a precautionary matter we have removed access to our website while we carry out further checks,” the company said in a statement that now serves as placeholder for its homepage.

LUSH Australia director, Mark Lincoln, told the Herald Sun that the company’s hosting provider notified it about the breach.

Since then, a computer forensics expert was hired to determine what went wrong and the authorities have also launched an investigation into the incident.

Mr. Lincoln revealed that the Australian website alone had 39,000 registered customers who were all contacted following the incident. The company is building an entirely new, more secure, site and expects it to be online within two months, which is similar to the decision taken by LUSH UK.

“Again, we would like to say that we are truly sorry and thank all our customers for standing shoulder to shoulder with us during this difficult time,” the company said.

Credit: News

Share this item with others:

More on CyberInsecure:
  • Acer’s European Website Breached, 40,000 Users Data Stolen
  • Online Music Service Breached By Hackers
  • Sony Second Data Breach Expose Over 24 Million Personal And Financial Records
  • New Hampshire Radiology Practice Servers Breached, 231400 Patients Records Stolen
  • High Profile New Zealand Sites Registered At Defaced Through DNS Hijack

  • If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: LUSH Websites In Australia And New Zealand Breached, Hackers Stole Customers Billing Details

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.