Daily DashboardEuropean Data Protection Digest

Lush Confirms Breach

DATA LOSS—UK

January 21, 2011

ZDNet reports that Lush Cosmetics has suffered a data breach. The company issued a statement yesterday advising customers that credit card information was compromised when hackers entered the UK version of its Web site. ZDNet reports that Lush customers are reporting fraudulent transactions in their bank accounts. The company has shuttered the compromised site due in part to re-entry attempts by the perpetrators. In its statement, Lush said, "For complete ease of mind, we would like all customers that placed ONLINE orders with us between 4th Oct 2010 and today, 20th Jan 2011, to contact their banks for advice as their card details may have been compromised."
Full Story