Lush confirms it was hit by a cyberattack - but it isn’t saying much else
The company isn’t sharing any details just yet
Cosmetics retailer Lush has confirmed suffering a cyberattack, but the details are currently scarce.
In a short announcement posted on its website, Lush said it was currently “responding to a cyber security incident and working with external IT forensic specialists” as it thoroughly investigates the matter.
The announcement, posted on January 11, says the investigation is at an early stage. Lush has, however, “taken immediate steps to secure and screen all systems in order to contain the incident” and limit its impact on the company’s operations.
Cosmetics firms in the crosshairs
Until Lush reveals more details, we can only speculate, but given that the company now seeks to “contain the incident”, there is a chance that it fell victim to a ransomware attack.
Usually, ransomware operators will try to encrypt all of the data found on the victim network and exfiltrate it, in order to sell it back for cryptocurrency.
During ransomware attacks, businesses will sometimes shut down their systems to prevent total encryption, and will seek to restore compromised endpoints with the help of backups.
Even though beauty and cosmetics firms are not the most popular target among ransomware operators, they still get hit from time to time. Estee Lauder, for example, has suffered at least two cyberattacks in recent years, one in 2020, and another one in 2023.
In mid-July 2023, Estee Lauder said the hackers managed to steal some data from its systems and disrupt parts of its operations. The company managed to restore its systems, but was also forced to take down parts of its infrastructure to contain the incident.
“We take cyber security exceptionally seriously and have informed relevant authorities,” Lush concluded in its announcement. The authorities, besides the police and possibly Europol, would also include the Information Commissioner’s Office (ICO).
TechRadar Pro has contacted Lush for comment.
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.