We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
LUSH - Important News - UPDATED
Options
Comments
-
Got done on 2 cards £30 to O2 and £4 to Tmobile. I have backround scanner running all the time... Hey ho I got the money back just a hassle waiting for new card and pin number....:oMFW 2011 No. 161 £946.54/£2000 TargetApril 9/15
March 14/15 
Feb NSD 15/14 
April GC £121.00/£130 March GC £127.60/£150
I Love my Furbabies :smileyhea0 -
Oh lords, here come the ill-informed suggestions of "Inside job" :doh:
There are ways to get into systems, steal details and close the door quietly behind you, such an attack would be undectable to a Malware scan (there isn't any) and would only come to light as complaints started coming in or someone notices something unusual going on in the systems, not always easy.
If you are using WiFi at home, anyone with the know how can easily break into your connection, and from there even get into your computer, from the comfort of anywhere within range, probably from a car parked outside etc...and passwords are usually just a minor issue that could take a decent program all of a few seconds to break if you used just a simple word (and adding a number on the end would hold it up just a few more seconds). Once inside they can freely look around all your files and folders, look out for bank details etc, then leave...all you would spot is a possible slow down in your connection at the time.
Fact is, most corporate websites are hacked, and details stolen, and more often than not the attack goes un-noticed forever, the people affected see money leave their account, phone bank, get it sorted and never firgure out how their details got stolen...so it goes generally unreported.We have removed your signature - please contact the forum team if you are not sure why - Forum Team0 -
Savvybunny2009 wrote: »I run a virus check each time lol, but I have been the victim of card fraud so I'm extra cautious although not very practical when a grabbit is around.
That's not going to help you in a situation like this, attack was at the other end.We have removed your signature - please contact the forum team if you are not sure why - Forum Team0 -
This thread was a timely reminder to go take card details off sites that store them automatically like Amazon and Play,i also just took them off Debenhams and M&S.
I've also been the victim of CC fraud previously,thankfully i don't use Lush products.0 -
This thread was a timely reminder to go take card details off sites that store them automatically like Amazon and Play,i also just took them off Debenhams and M&S.
Thanks - although cannot take the one off from Play.com! So just enetered random digits. Amazons have been taken off... I didnt think they were allowed to store that kind of data?MFW 2011 No. 161 £946.54/£2000 TargetApril 9/15 March 14/15 Feb NSD 15/14
April GC £121.00/£130 March GC £127.60/£150
I Love my Furbabies :smileyhea0 -
Oh lords, here come the ill-informed suggestions of "Inside job" :doh:
There are ways to get into systems, steal details and close the door quietly behind you, such an attack would be undectable to a Malware scan (there isn't any) and would only come to light as complaints started coming in or someone notices something unusual going on in the systems, not always easy.
If you are using WiFi at home, anyone with the know how can easily break into your connection, and from there even get into your computer, from the comfort of anywhere within range, probably from a car parked outside etc...and passwords are usually just a minor issue that could take a decent program all of a few seconds to break if you used just a simple word (and adding a number on the end would hold it up just a few more seconds). Once inside they can freely look around all your files and folders, look out for bank details etc, then leave...all you would spot is a possible slow down in your connection at the time.
Fact is, most corporate websites are hacked, and details stolen, and more often than not the attack goes un-noticed forever, the people affected see money leave their account, phone bank, get it sorted and never firgure out how their details got stolen...so it goes generally unreported.
Were Lush using Wifi?
The fact is most card theft is done from the physical presence of a card or the details of a card & not over the internet because retailers secure the details.
You make the Lush description of events sound common place. It isn't.Not Again0 -
With respect you obviously don't work in IT security! Properly encrypted data is not "easy to decrypt".
not "easy" to the ammateurs but if these people are confident enough to hack into a site such as lush and commit a crime this large, id say they were pretty confident in what they were doing and would be able to decrypt it without having too many problems. im quite confident when i say that these people arent your average joes and would probably be part of a large online hacking group which then shares the details. plenty of this goes on without you even being aware of it, many hackers steal large companys databases and then get paid for the releasing for their details. this goes on on a daily basis so yes i think that the hackers who commit these kind of crimes know exactly what theyre doing and how to do it good to not be tracedWho would say I couldn't make you mine? You were mine since th' beginning of time. Who would say we were far apart? You ever reside in the core of my heart?
:A
0 -
I made my first ( & now last) order in November to buy Christmas presents for my family, so I've just cancelled my card. Thanks for posting this thread. I'll have avoid this area of the forum until my new card comes 0
-
Unfortunately this is not new - TK Maxx were hit in 2007:
http://news.bbc.co.uk/1/hi/business/6508983.stm
45 million cards were potentially affected in the UK and US; although many were believed to be expired card numbers.
Wi-Fi WAS involved, according to Wikipedia
Details were stolen by hackers installing software via wi-fi in June 2005 that allowed them to access personal information on customers. The breach continued until January 2007.
Eleven people from around the world were charged with the breach in 2008. Outside security provider Protegrity has estimated that T.K. Maxx's losses as a result of the data breach may reach £800 million in the years to come. The losses would come as a result of paying for credit checks and administrative costs for managing the fallout from the breach0 -
yummy.scrummy.mummy wrote: »not "easy" to the ammateurs but if these people are confident enough to hack into a site such as lush and commit a crime this large, id say they were pretty confident in what they were doing and would be able to decrypt it without having too many problems. im quite confident when i say that these people arent your average joes and would probably be part of a large online hacking group which then shares the details. plenty of this goes on without you even being aware of it, many hackers steal large companys databases and then get paid for the releasing for their details. this goes on on a daily basis so yes i think that the hackers who commit these kind of crimes know exactly what theyre doing and how to do it good to not be traced
PCI DSS requirements are extremely stringent regarding data encryption (actually they are stringent regarding everything - the standard is a right pain in the *** to achieve). If there was any likelihood of such data being decrypted even by "professional" hackers then I'd expect the standard to change very quickly.
I'd be really surprised if Lush were fully compliant *and* got the card details stolen. If they were then they'd probably have posted as such on their web site. It would be a very reasonable defence.0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 351.2K Banking & Borrowing
- 253.2K Reduce Debt & Boost Income
- 453.7K Spending & Discounts
- 244.2K Work, Benefits & Business
- 599.2K Mortgages, Homes & Bills
- 177K Life & Family
- 257.6K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards