LUSH - Important News - UPDATED

teabythesea

Really poor customer service from Lush. They knew about this months ago, I mean are they serious?! Not one email has been sent out!!

Dan2310

Just a question which may sound a bit sillyy but,

I placed my last order in March 2010, my details wont be affected will they?

What I am thinking is that the hackers got into the site on the 4th October and thats when they have been getting details since and not from details from past orders?

Am I right and thinking this?

shikoku

Dan2310 wrote: »

Just a question which may sound a bit sillyy but,

I placed my last order in March 2010, my details wont be affected will they?

What I am thinking is that the hackers got into the site on the 4th October and thats when they have been getting details since and not from details from past orders?

Am I right and thinking this?

I would get the card cancelled tbh.

_Roxy_

shikoku wrote: »

I would get the card cancelled tbh.

its only transactions from October 4th that have been affected. Way back to March would be fine unless you've noticed any suspicious activity!

redcard

Dear Customer

We would like to draw your attention to the statement below, as we believe you placed an order with us during the affected period. We are keen for customers not to have their credit cards used fraudulently, so urge you to contact your bank.

Thank you for your past custom, we really appreciate all the support you give - especially at this time whilst we are under attack.

Everyone at Lush xx

********************************************************************************

Our website has been the victim of hackers.

24 hour security monitoring has shown us that we are still being targeted and there are continuing attempts to re-enter.

We refuse to put our customers at risk of another entry - so have decided to completely retire this version of our website.

For complete ease of mind, we would like all customers that placed ONLINE orders with us between 4th Oct 2010 and today, 20th Jan 2011, to contact their banks for advice as their card details may have been compromised.

We Believe hacking is a serious crime which steals large amounts of money and disrupts the lives of cardholders.
We Believe that hacking erodes the trust between businesses and their customers and creates a climate of fear around online ordering.
We Believe in working with police and banks to do all we can to bring this branch of organised crime to justice.

A completely separate, temporary website will be launched in a few days - initially taking PayPal payments only.

Meanwhile we would be delighted to serve you in our shops or take your order at our Mail Order Phone Room. Both of which have not been affected by this crisis since the credit card terminals are directly linked to the banks only and are not internet based.

We would like to thank all our customers for standing shoulder to shoulder with us whilst we have shared being victims of this crime.

Mail Order Phones are open:
Mon - Fri 8am to 9pm
Sat 9am to 5pm
Sun 10am to 4pm

Tel: 01202 668545



Standing shoulder to shoulder? We've shared being victims?

This email is freaking patronising and ridiculous

Issyc

The bit I couldn't understand was where they say about how clever the hacker is and how they would employ him/her but won't because of the lack of morals that the hacker has. Sarcasm is not professional for a Company.

gentleorange

yummy.scrummy.mummy wrote: »

hope you drive down to where they live and give them a piece of your mind!! thugs these days are scum, seems to be happening more and more. not long ago i had a rootkit on my pc and someone was watching me on webcam etc and was watching as i typed in my card details. was a highly distressing time and i called the police as this person was opening folders on my pc in notepad but of course the police did nothing and thought i merely had my passwords stolen!! the law needs to get tougher on this sort of action as it can and will ruin lives

I'm a bit of a technophobe so I'm not sure I understand - did someone hack your webcam??:eek:

gentleorange

Issyc wrote: »

The bit I couldn't understand was where they say about how clever the hacker is and how they would employ him/her but won't because of the lack of morals that the hacker has. Sarcasm is not professional for a Company.

It is a bit flippant in tone considering loads of their customers may have had their accounts used fraudulently, and lots more may be without a card for a week while they get a replacement, and all the rest of the hassle like having to edit card details on sites, etc. There's a time and a place for little jokes.

And I agree with the above poster - it does sound like they have known about this for months but did not stop anyone placing online orders:mad: People have been asking them for a Paypal option for years, and they're talking about it now like it's a good idea they just had.

Issyc

I think the police are not specialist enough to deal with computer crime. They have various departments for it but it is rife and they don't have the resources and expertise to deal.

Issyc

costello75 wrote: »

It is a bit flippant in tone considering loads of their customers may have had their accounts used fraudulently, and lots more may be without a card for a week while they get a replacement, and all the rest of the hassle like having to edit card details on sites, etc. There's a time and a place for little jokes.

And I agree with the above poster - it does sound like they have known about this for months but did not stop anyone placing online orders:mad: People have been asking them for a Paypal option for years, and they're talking about it now like it's a good idea they just had.

It is very flippant. It is not just the physical effects of this type of crime, it is also the worry and distress it causes to the victims.