Data Protection Breach
The Information Commissioner's Office (ICO) has ruled that cosmetics retailer Lush breached the Data Protection Act after the security of its website was compromised. The breach, which happened between October 2010 and January 2011, meant that hackers could access the payment details of 5,000 customers who had previously used the company's website.
Lush has signed an undertaking to ensure that future customer credit card data will be processed in accordance with the Payment Card Industry Data Security Standard.
The ICO is warning online retailers that if they do not adopt this standard, or provide equivalent protection when processing customers' credit card details, they risk enforcement action from the ICO.
Lush discovered the security lapse in January 2011 after receiving complaints from 95 customers who had been the victim of card fraud. On investigating, Lush discovered that hackers had managed to access their customers' payment details.
The ICO's investigation found that Lush's systems were not sufficient to prevent a determined attack on their website. The business's procedures for recording suspicious activity on their website were also insufficient, causing a delay in identifying the security breach.
Acting Head of Enforcement, Sally Anne Poole said:
'With over 31 million people having shopped online last year, retailers must recognise the value of the information they hold and that their websites are a potential target for criminals.'
'Lush took some steps to protect their customers' data but failed to do regular security checks and did not fully meet industry standards relating to card payment security. Had they done this, it may have prevented the fraud taking place and could have saved the victims a great deal of worry and time invested in claiming their money back. This breach should serve as a warning to all retailers that online security must be taken seriously and that the Payment Card Industry Data Security Standard or an equivalent must be followed at all times.'
Internet link: ICO press release
Our other services...
We can help with the preparation of accounts for all types of business. Whether you are a Sole Trader, Partnership, Limited Company, Limited Liability Partnership or a Charity, AGP has the expertise to deal with you. We help you fulfil all your obligations with HMRC, Companies House and any other regulatory body that you are required to report to.
An audit provides a high level of independent assurance of the financial position and results of an organisation. This gives shareholders confidence that the reported performance of the business is accurate as well as providing external users with certainty that the accounts show a true and fair view. An audit lends credence to the company accounts in a number of ways.
It is important to ensure your tax planning reflects any changes to your circumstances which is why we work very closely with all our personal clients. AGP are trusted to manage tax efficiently. Sometimes just a simple review of your personal tax circumstances can reveal significant tax saving opportunities which can be realised quickly and at minimal cost..
AGP can become your own part-time Payroll Manager. An expert who knows the complexity of the relevant legislation inside out and for a fraction of the cost of an internal manager. Why not outsource this obligation and spend the time saved doing what you do best, running your business?
Corporation tax can be a huge outgoing for your company if it is not managed correctly and planned appropriately. You can trust AGP to employ a holistic approach to your tax planning whether you are a medium sized SME, an international organisation or a small owner-operator.
Management accounts allow business owners to exert a far greater degree of control over their business, recognising and addressing problems and identifying opportunities soon after they arise.
When running a business, priorities are often focused on the operational side of your business. Bookkeeping & administration can often be put off until it becomes quite a major task. By taking advantage of our bookkeeping service, we can take this problem away so you can get on with running your business while we manage your accounting books.
We take away the hassle. Whether starting a new business or restructuring an existing one, our extensive knowledge of company formation means we can advise you on the merits and possible pitfalls of incorporation.
We have a wealth of experience in the contractor market and as a result there are not many firms of Chartered Accountants that can claim they know the contractor industry as well as AGP. This leads to a number of benefits.