Shoppers' credit card details exposed
Article by Mozo
Around 40,000 shoppers' credit card details may have been exposed following a security breach on soap maker Lush's website.
The store's Australian and New Zealand sites are currently down and a single banner page alerts customers to the fact that the site has been a victim of a "privacy breach" and that "personal data may have been obtained by hackers."
Lush was contacted by its web-host yesterday and informed of the server breach.
In January Lush's UK site was targeted by hackers and data was left open to corruption for up to four months.
Mark Lincoln, Lush's Australasia director, told ABC Online that credit card details could have been stolen because of an issue in the coding of the website.
However, Lush is as yet unable to confirm how long personal details may have been at risk and the company admitted to ABC Online that customers were unaware their credit card details were being stored.
The company is working with police, forensic investigators and banks to discover how the site was compromised.