14 DAY TRIAL // LUSH Cosmetics, a company selling handmade cosmetics products, has shut down its websites in Australia and New Zealand after hackers breached them and stole customer billing details.
The company has advised people who placed online orders on any of the two websites, to contact their banks and discuss cancelling their credit cards to prevent abuse.
LUSH Cosmetics was started in the UK in 1994 and now has 600 stores in 43 countries, including US, Canada, Australia and New Zealand.
This new data breach comes after last month LUSH UK announced that hackers stole payment information from its website.
A lot of customers reported fraud on their cards following the incident, which, according to messages posted on the LUSH AUSTRALASIA's page, has started happening now too.
Meanwhile, LUSH points out that the Australian and New Zealand websites have nothing in common with the UK one, except for all of them being targeted.
"As a precautionary matter we have removed access to our website while we carry out further checks," the company said in a statement that now serves as placeholder for its homepage.
LUSH Australia director, Mark Lincoln, told the Herald Sun that the company's hosting provider notified it about the breach.
Since then, a computer forensics expert was hired to determine what went wrong and the authorities have also launched an investigation into the incident.
Mr. Lincoln revealed that the Australian website alone had 39,000 registered customers who were all contacted following the incident.
The company is building an entirely new, more secure, site and expects it to be online within two months, which is similar to the decision taken by LUSH UK.
"Again, we would like to say that we are truly sorry and thank all our customers for standing shoulder to shoulder with us during this difficult time," the company said.
