Slashdot Mirror

← Back to Stories (view on slashdot.org)

UK Cosmetic Retailer Lush Targeted By Hackers

Posted by timothy on from the people-are-bad dept.

Tasha26 writes "Cosmetic retailer Lush stopped its online activities on Jan 21 due to hacking activities. Their website is still down due to 'continuing attempts to re-enter,' and Lush is thinking of spinning a small PayPal outlet as a temporary solution. The company is urging customers who placed an order between Oct 2010 and Jan 2011 to contact their banks for advice on compromised credit card details. The company even posted a message addressed to the hacker, saying, 'If you are reading this, our web team would like to say that your talents are formidable. We would like to offer you a job — were it not for the fact that your morals are clearly not compatible with ours or our customers.'"

2 of 109 comments (clear)

  1. My opposite experience by cappp · · Score: 5, Funny

    Weird. My ex always sent me off to increase my "online activities" whenever I made "continued attempts to enter".

  2. Re:Oh come on... by rtfa-troll · · Score: 5, Insightful

    A "top notch" IT team will have

    • offline backups
    • the ability to restore quickly
    • the ability to expand capacity quickly
    • the ability to do almost immediate updates*
    • basic forensic ability to work out what's going on

    Sure, your system may be compromised. Sure; the first replacement system may be compromised again. During the compromise of the second you should get enough logs that the third (or at worst fifth time) you come back, all the zero day attacks the attacker is using have gone.

    Anyone can lose a few hours of outage. To be down for a day and have to start begging for mercy is not a sign that their IT "skills are formidable"

    * at the cost of a short term outage;

    --
    =~ s,(.*),<sarcasm>$1</sarcasm>,g if any_point_you_wish();