Retailer's online store hacked
Lush customers who have made online purchases may have to cancel their credit cards after the popular handmade cosmetics business was targeted by hackers.
Lush shut down its Australian and New Zealand websites on Tuesday, leaving only a statement warning customers to urgently contact their banks.
"We are sorry to announce that the Lush Australia and New Zealand websites have been hacked," the company said in the statement that ends from "all of us at Lush x".
"We have been alerted today to advise that entry has been gained and customer personal data may have been obtained by the hackers.
"We urgently advise customers who have placed an online order with Lush Australia and New Zealand to contact their bank to discuss if cancelling their credit cards is advisable."
The local Lush says its website is not linked to the Lush UK website that was recently compromised.
But it appears the Australian and New Zealand sites have also been targeted.
"As a precautionary matter, we have removed access to our website while we carry out further security checks."
Comment was being sought from the company.
Lush said it was doing all it could to investigate the privacy breach and was working with the police, forensic investigators and banks.
"We are in the process of contacting each of our online customers individually by email," the company said.
"Customers who have used cards with us in our shops or via fax or phone are not affected."
It was too soon to say when the website may be up and running again, Lush said.
Thursday, 17 February 2011
[Return to Latest News]