The Hacker News
POOLE-based cosmetics retailer Lush is back online after it was forced to suspend internet sales after hackers attacked its website.
Lush closed the site last month and asked anyone who placed an online order between October 4 and January 20 to contact their bank in case their card details had been compromised.
A temporary site was back up and running late on Friday, before the full website re-launches.
Shoppers are now being directed away from the Lush site when they come to the checkout, making payments at the Worldpay site.
An online message to shoppers reads: "You can shop with confidence knowing that your details will be safe. Meanwhile the rest of the site has been tested by external experts to check that our processes are all as secure as they can be."
It adds: "Thank you all for coming back to us and trusting us to serve you again."
Lush became aware that its security had been breached on Christmas Day and investigated, but only told customers on January 21 when it shut down its online site and put with a warning about the hacker attack.
Many angry customers posting on the Lush Facebook site said they had lost money or cancelled cards as a result.
Lush ethical director Hilary Jones said the impact on trade would be "huge" following their decision to go public about the fact their website had been hacked.
"We'd be stupid to think anything less," she added. "Our website has not been trading for weeks and weeks and there is also the loss of confidence – some customers will not come back."
But she said there had been a lot of orders overnight after the re-launch – the equivalent of 24 hours of trade in one night.
She said they had been heartened by "a tremendous amount of sympathy and support from customers."

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.