Lush Cosmetics To Revamp Data Security After Breach

Law360, New York (August 11, 2011, 1:57 PM EDT) -- Lush Cosmetics Ltd. agreed Tuesday to improve the data security protections on its website after the U.K.'s privacy watchdog concluded that the retailer had insufficient controls in place when a recent breach compromised 5,000 customer credit card records.

Lush CEO Mark Constantine signed an undertaking committing the retailer to taking the necessary steps, including to store the minimum amount of data necessary to receive payment and not keep the data longer than necessary, in order to ensure that future customer credit card data will be processed...
To view the full article, register now.