MASIGNCLEAN104

Lush Cosmetics Australian Website Hacked !

iklan banner
The Australian together with New Zealand shopping site of cosmetics retailer Lush has been hacked but weeks later a similar breach occurred on the United Kingdom of Great Britain together with Northern Ireland of Britain together with Northern Republic of Ireland site.  Credit carte du jour details together with other intimate information of shoppers convey been exposed.


If you lot catch the Lush Cosmetics Australian website you volition honor a unmarried banner page announcing that the site has suffered a "Privacy Breach."  This is contained every bit a unmarried JPG ikon alongside no other links on the page.  In fact if you lot role your favourite search engine to honor sub-pages, they all provide a 404 error.  It would seem that the entire site has been removed from the server together with the unmarried banner page lay inward its place.

In part, the site arguing says:

We are lamentable to convey to denote that the Lush Australian together with New Zealand websites convey been hacked.  We convey been alerted today to propose us that entry has been gained together with client personal information may convey been obtained past times the hackers.

We urgently propose customers who convey placed an online companionship alongside Lush Commonwealth of Australia together with New Zealand to contact their banking concern to hash out if cancelling their credit cards is advisable.


Whilst our website is non linked to the Lush United Kingdom of Great Britain together with Northern Ireland of Britain together with Northern Republic of Ireland website, which was latterly compromised, it appears that the Australian together with New Zealand Lush sites convey every bit good been targeted.  As a precautionary affair nosotros convey removed access to our website patch nosotros behavior out farther safety checks.


So, this arguing is telling customers that in that location was a breach inward the AU/NZ site together with that it follows a similar breach at the UK operation a yoke of weeks before identifying that transactions on the United Kingdom of Great Britain together with Northern Ireland of Britain together with Northern Republic of Ireland site betwixt fourth Oct together with 20th Jan convey been breached (the arguing notes that they "hope that nosotros convey overestimated the timeframe involved, inward companionship to minimise the total of customers involved").



According to the United Kingdom of Great Britain together with Northern Ireland of Britain together with Northern Republic of Ireland statement, customers HAVE suffered fraudulent transactions on their credit cards although it is unclear whether these transactions were the kickoff Lush knew of the final result or whether it was uncovered past times their ain monitoring.

As yet, neither performance has given whatever clues every bit to the rootage of the breach, although typically such eCommerce hacks are targeted at the SQL server.

Influenza A virus subtype H5N1 major query that needs to live on addressed is why 2 related sites convey suffered similar breaches inside weeks of each other. Another is did the local Lush website managing director exam the validity of his site's safety inside seconds of hearing close the United Kingdom of Great Britain together with Northern Ireland of Britain together with Northern Republic of Ireland incident every bit would live on expected. If so, together with then why did a similar breach plough over withal again? It is non known whether the ACCC volition perish involved alongside this latest incident but it would non live on a surprise.

"Again nosotros would similar to say that nosotros are genuinely lamentable together with give cheers our customers for standing shoulder to shoulder alongside us during this hard time."

Lush Commonwealth of Australia has been contacted for comment.


News Source : Google
Share This :