Lush to launch new website in wake of hacking

Internet Retailing, By Chloe Rigby, August 12, 2011

Online retailer Lush is planning to launch a new community-focused website this autumn, replacing one that was taken down earlier this year after a data protection breach left up to 5,000 of its customers exposed to hackers. The news follows a ruling this week by the Information Commissioner’s Office (ICO) that the handmade cosmetics company breached the Data Protection Act when its website security was compromised for four months. The ICO has now warned other online retailers to make sure their payment security is up to standard. In a statement, Lush said it had learned a lot since the hacking and that its new website would exceed the requirements of the Payment Card Industry Data Security Standard, which it must comply with in order to meet the ICO’s ruling.  Its current, temporary, site, it said: “has been the subject of rigorous penetration testing and additional security measures. Just like our old site, our temporary website does not store credit card data. But unlike our old site, it now takes customers’ away from our server at payment stage and through to the banks own server, where payment is taken. This gave us the confidence to put a website back up to trade again. We hope that it has also given our customers the confidence to return and shop with us once again.” Lush said its new site, to be launched in early September, would offer ecommerce transactions as well as social media and user generated content, becoming a “community-based social network where staff can interact with customers and help them make the right product choices.” Customers will also be able make their own contributions to the site, starting discussions on issues from products to campaigns.

  1. Leave a comment

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: