Cosmetics firm Lush had their Australian and New Zealand websites hacked this week. Only last month their UK website was hit. All these websites are currently down and they reckon it will be months before they are trading online again. They are in the embarrassing position of going to customers to tell them to change their credit cards. A high price to pay for a bar of soap!
Mark Lewis, one of the founders of IP Payments, says in today’s BTalk podcast that they almost certainly didn’t meet PCI DSS compliance — a worldwide data security standard applied by the Payment Card Industry. Failing to meet the standards can attract hefty penalties from the credit card providers, not to mention the damage to your brand when a security breach occurs.