Cosmetics retailer, Lush, has been forced to pull its website after being victim to hackers.
In a statement published by Lush, the company said its 24-hour security monitoring revealed it was still being targeted.
“We refuse to put our customers at risk of another entry – so have decided to completely retire this version of our website,” said Lush.
It warned customers who have placed online orders over a four-month period between 4th October 2010 and 20th January 2011 to contact their banks as their card details may have been stolen.
Its temporary website will be launched in a few days and will only accept PayPal payments.
Customers placing orders via its mail order phone room would not have been affected.
And in a special message to the hacker, Lush said, “If you are reading this, our web team would like to say that your talents are formidable.
“We would like to offer you a job – were it not for the fact that your morals are clearly not compatible with ours or our customers’.”
Security advisor Rik Ferguson from Trend Micro has posted a blog responding to the issues concerned with online shopping in relation to the hackers attack on Lush’s website.