Decision over Lush data breach criticised

The decision not to penalise Lush Cosmetics Group, after its website was hacked over four months, has been criticised by SecurEnvoy. The Information Commissioner's Office (ICO) made its report on the breach at the cosmetics retailer, which happened between October 2010 and January 2011, earlier this week.

The ICO decided not to penalise Lush or require the firm to sign an undertaking to prevent further data breaches. SecurEnvoy says the ruling sends out all the wrong messages.

Steve Watts, co-founder of SecurEnvoy, says the decision by the ICO comes after hackers were able to access the payment details of around 5,000 customers who had previously been web e-clients of the cosmetics firm.

“It's said that 95 customers of the site had complained. But it's a fair bet that a lot more who didn't complain also had their card details fraudulently used, and now the ICO doesn't plan on imposing a fine, or even securing a data protection undertaking from the company? This really does take the security biscuit,” he adds.

“What we have here is a major e-commerce Web portal - run by a consumer-friendly company that prides itself on its eco-friendly products and stance generally – that was solidly hacked for four months over the busy Christmas period, and essentially has got away scot-free.”

However, a spokesperson for Lush Cosmetics Group says: “Since the incident, Lush has worked with industry experts and organisations to deliver a new temporary secure website that has been the subject of rigorous penetration testing and additional security measures.

“In early September, Lush will be launching a brand new website. The new site will have a range of security measures, which exceed PCI-DSS requirements, as well as a range of third party specialist security services in place.

“Our customers have been amazingly supportive and loyal throughout this whole period, for which we are humbly grateful. We are very sorry for the inconvenience and distress the hacking caused them and have done everything in our power to prevent this happening again.”
