Lush Fresh Handmade Cosmetics that is commonly trademarked as LUSH is a producer and marketer of ethical beauty products headquartered in the United Kingdom with more than 400 stores across the globe. The company produces and sells a wide range of handmade products such as soaps, hair treatment, face masks, hand and body lotions, and bath bombs. These products are made from natural ingredients like fruits and vegetables including those that are rarely used in cosmetics. Consequently, the trademark of the company's brand is its enthusiasm for fresh and natural homemade products.
Lush Fresh Handmade Cosmetics packages its products in sizes, shapes, colors and aromas that can easily be mistaken for edible items. Notably, Lush does not use animal fats in their product since the company is against animal testing but conduct tests with volunteers only. The firm's success is also attributed to its employees' passion and enthusiasm for their work which is transferred into an addictive in-store customer experience. Additionally, the company's success is signified by its products, packaging, and promotions.
The initial establishment of what has now become Lush Fresh Handmade Cosmetics Company was initiated in 1976 by Mark Constantine and Elizabeth Weir. The beauty business, which was known as Constantine and Weir (C&W) Plc, developed a series of bath and body products in Poole, Dorset, UK. This company also began to supply its cosmetic products that were developed naturally to various retailers in the area. The company continued to grow and became a constant supplier to the rapidly growing chain of cosmetics products in 1977. Together with his team at the firm, Constantine introduced the anti-animal testing angle in the cosmetics business.
As a regular supplier of cosmetics products to the rapidly growing chain of The Body Shop, Constantine and Weir Plc also grew rapidly. The company was known for its innovative product ideas that made it a very successful and profitable firm with estimated sales of £8.5 million. Following a sour relationship with The Body Shop in the late 1980s because of the refusal of some of Constantine's product ideas, Constantine began a mail order catalogue business known as Cosmetics to Go (CTG) with its headquarters in Poole. The venture sold natural and handmade beauty products as well as perfumes, which were not animal-tested.
With a minimal packaging of its products, this venture became a big failure because it could not meet customers' orders quickly enough though it had established a huge customer base and grew rapidly. However, the business was later re-invented after Constantine and his team began a retail business. This initiative marked the birth of today's Lush Company, whose first store was formally opened on May 23, 1995 at Poole, Dorset, UK. By the end of 2006, the company had over 400 shops across the globe located in 29 countries following its increasingly rapid growth, success and profitability. Since 2006, Lush Fresh Handmade Cosmetics has increased its operations to over 600 stores that are located in more than 43 countries around the world. This rapid growth and success can be attributed to various factors including innovative product ideas and design, friendly customer experience, and multi-channel distribution strategy.
Current Issue at Lush Cosmetics:
The growth, success and profitability of Lush Fresh Handmade Cosmetics have also been affected by various issues and challenges that the company has faced throughout its history. For example, the company was faced with the fear of making mistakes when it embarked on new product development initiative. The major issue Lush has faced in the recent past is the aggressive hack attack that took place between October 2010 and January 2011 (Kennedy par, 3). This reinforced the need for companies involved in internet marketing like Lush to ensure that they develop a strong and secure e-commerce platform during website development.
Lush Hacker and Data Breach Problem:
While the company gave minimal details regarding their hacking attack, it reported that there were successful initial intrusion and repetitive attempts at re-entry on their website. The company also reported that it was only their UK website that was affected by these hackers. Following the attack, Lush advised its customers who placed an online order between October 4, 2010 and January 20, 2011 to get in touch with their banks, stating that their credit card details had been compromised.
After stealing credit cards information during the hack attack on the company's UK website, the cyber thieves were cashing. Consequently, Lush was forced to shut down its online shop in January 21, 2011 and replaced its homepage with a message about the attack. During this period of the attack, many of the firm's customers reported that their credit cards had been utilized fraudulently. These customers revealed their anger and frustrations regarding the online security lapse through the company's Facebook page. Some of these customers stated that they had lost huge amounts of money and had been forced to cancel their credit cards in case they were about to be abused. On the other hand, other customers stated that they had detected the problem earlier and requested for compensation for the lost money.
Notably, consumers of the firm's products reported that they noticed fraudulent transactions in their bank accounts with similar dollar amounts for items like Xbox Live Charges, prepaid phones, and hotel bookings. In a shocking move, Lush decided to completely shut down its UK website and replaced it with a temporary online shop, which accepted PayPal payments from customers. However, the temporary online shop contained messages or notes to both the company's customers and the cyber thieves (hackers).
Analysis of the Hacker Problem:
One of the major concerns surrounding the hacker problem at this company is when its management became aware of it since some customers stated that they had detected the problem four months earlier. The company's ethical director reported that they became aware of the problem on December 25, 2010 after discovering that hackers had penetrated their website. With such revelations, additional questions are being raised on why it took the company more than three months to detect the problem. The hacker attack signified the practicality and reality of the ability of cyber thieves to use stolen credit card numbers.
This attack also revealed that hackers or cyber thieves were seeking for cash after the company's European customers started reporting small purchases with credit cards used on Lush website and other online shops. These small transactions and purchases were attempts by the hackers to detect whether the stolen credit cards were still active ("Lush Hackers" par, 12). Through its ethics department, Lush Cosmetics Company revealed that these small purchases were test purchases being made on the firm's website because they were key to the cyber thieves' motives and mission. While the company's website was not vulnerable throughout the four-month window, the period was important and necessary to ensure that every at-risk customer was catered for.
The other major initial concern was the failure by the company to mention whether it had hired the services of a reputable computer forensics company to assess the damage and help identify the hackers. The company provided fewer details of the actual occurrences and didn't state any plans to customers which shows new controls being undertaken to prevent or restrict such problems in the future. The other troubling factor is the fact that the stolen credit cards are being reported as compromised by a company affected by compliance to PCI DSS. As mentioned earlier, this hacker problem underlined the necessity of developing a fortified and secure e-commerce platform.
Implications of the Hacker Problem:
Since the company mainly depended on online marketing as its primary marketing product, the hacker problem has serious implications on the company's & #8230;
While Lush is renowned for innovative product ideas and design as well as a friendly and highly-rated customer experience, the hacker problem has had a serious impact on its reputation. The online security lapse and data breach problem has among other things affected the company's reputation heavily. This is mainly because Lush online shopping website will no longer be considered as a secure platform for customers to provide their credit cards' details without the fear of compromise by hackers. Actually, this online shopping website will be regarded as a platform where credit card details are not kept secure and free from hacking.
Following the major impact on its reputation, the hacker problem will also have a huge impact on the Lush's productivity, profitability, growth, and success. Since most of the firm's customers have lost significant amount of money during the hacking period, the company's profits will decline significantly because most of these customers are unable to shop again. Secondly, the company's is likely to lose its profit margin because some customers have stated that they will never shop at Lush again because of the incident. Such customers are likely to negatively influence the decision of new customers who were considering to shop at Lush online shopping platform.