We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
We're aware that some users are experiencing technical issues which the team are working to resolve. See the Community Noticeboard for more info. Thank you for your patience.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
LUSH - Important News - UPDATED
Options
Comments
-
Hi
Thanks, OP. So glad I only buy in-store.Sealed Pot Challenge No 089-Finally got a signature.:rotfl::j0 -
Sometimes when I buy online where I've bought stuff before my details have been stored and I love it - saves a lot of time/effort/typing.
Recently I negotiated a refund from DFSdirect for an item I had bought over the phone - the refund failed to appear in my bank account after a week - I rang them - they said they needed my card details to make the refund - I said you've got my card details I used my card to buy the item - they said under the Data Protection Act they had had to destroy my card details.
What's the difference?0 -
I've tried to be polite but with respect you don't have a clue what you're talking about.
20 years in IT security and you still arent aware that online security systems can be broken into by people who know how. you can create new things to protect more, but the fact is that hacking pays more than securing a system and always will. i do have a clue about what im talking about, please do not judgeWho would say I couldn't make you mine? You were mine since th' beginning of time. Who would say we were far apart? You ever reside in the core of my heart?
:A
0 -
PS I love everything about Lush their products and their ethos and I'm very sorry this has happened but I need to know they did everything they could to protect their customers.0
-
Got home before and thaught to myself should I ring up the bank or not, but decided to, didnt take long at all and Barclays said that I wont be able to use this card from now but a new one will be with me within three working days. So, if you have ordered with lush in the past and dont mind having no card for a couple of days (also dont mind adding your payment details to all the sites again) then it could be a good idea.
Better safe than sorry I think!0 -
Sometimes when I buy online where I've bought stuff before my details have been stored and I love it - saves a lot of time/effort/typing.
Recently I negotiated a refund from DFSdirect for an item I had bought over the phone - the refund failed to appear in my bank account after a week - I rang them - they said they needed my card details to make the refund - I said you've got my card details I used my card to buy the item - they said under the Data Protection Act they had had to destroy my card details.
What's the difference?
The difference is in the consent given and the proposed "purpose" of the data. Somewhere on the online form or in the terms and conditions will be a clause granting them the right to hold your details. On the phone you are unlikely to have been asked for your consent to hold them and the transaction is treated as a one off. The fifth principle of the Data Protection Act states that "personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or purpose." In the first instance, the "purpose" will be to maintain an account, therefore they can retain it. In the second it is to perform a one off transaction, therefore they can't.
HTH
SPCome on people, it's not difficult: lose means to be unable to find, loose means not being fixed in place. So if you have a hole in your pocket you might lose your loose change.0 -
yummy.scrummy.mummy wrote: »20 years in IT security and you still arent aware that online security systems can be broken into by people who know how. you can create new things to protect more, but the fact is that hacking pays more than securing a system and always will. i do have a clue about what im talking about, please do not judge
There's nothing wrong with judging. It's prejudging that's wrong.
I'm judging you fairly on what you've written & you don't know what you're talking about. For the last time POOR online systems can be broken into. Properly designed systems cannot. I look after systems for parts of the the Govt & the Police & I can assure you no-one has ever got past the first line of defence let alone the ones after that. Despite what you seem to believe it is not difficult to stop hackers, if you know what you're doing. The fact that you keep insisting it is easy simply proves you're not an expert I'm afraid.
"hacking pays more than securing a system and always will." Is a stupid statement that you've plucked out of thin air BTW, with no basis whatsoever in fact.
Anyway, if you want to keep insisting you are correct feel free, I'm not going to reply to you anymore since I get the feeling you are convinced you're right & won't listen to anyone telling you any different.0 -
little_lil wrote: »Thank you for this. Our card was used fradulently over christmas - now I know where they got the details from! Luckily Tesco spotted what was happening and stopped our card. But it has been bugging me where they got the details from as it was a fairly new card.
Back in December 2006 it was Tesco Direct that first realise that a fraudster was at large using the details of our credit card.
Be warned the effects can last a long time and you can never really prove that it was not you who initiated the scam (theft).
Details of the ongoing problems here:
https://forums.moneysavingexpert.com/discussion/3323390 -
There's nothing wrong with judging. It's prejudging that's wrong.
I'm judging you fairly on what you've written & you don't know what you're talking about. For the last time POOR online systems can be broken into. Properly designed systems cannot. I look after systems for parts of the the Govt & the Police & I can assure you no-one has ever got past the first line of defence let alone the ones after that. Despite what you seem to believe it is not difficult to stop hackers, if you know what you're doing. The fact that you keep insisting it is easy simply proves you're not an expert I'm afraid.
"hacking pays more than securing a system and always will." Is a stupid statement that you've plucked out of thin air BTW, with no basis whatsoever in fact.
Anyway, if you want to keep insisting you are correct feel free, I'm not going to reply to you anymore since I get the feeling you are convinced you're right & won't listen to anyone telling you any different.
Have you read the results from the boffins at Cambridge - they identified a way of hacking credit cards used in terminals last summer and have recently gone public because half the banks have done nothing about it.0 -
yummy.scrummy.mummy wrote: »20 years in IT security and you still arent aware that online security systems can be broken into by people who know how. you can create new things to protect more, but the fact is that hacking pays more than securing a system and always will. i do have a clue about what im talking about, please do not judge
Hi please get onto these magical hackers and ask if they can decrypt the AES-256 insurance file that Wikileaks released
Thanks. 0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 351K Banking & Borrowing
- 253.1K Reduce Debt & Boost Income
- 453.6K Spending & Discounts
- 244K Work, Benefits & Business
- 599K Mortgages, Homes & Bills
- 176.9K Life & Family
- 257.4K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards