Lush confirms it was hit by a cyberattack - but it isn't saying much else

The announcement, posted on January 11, says the investigation is at an early stage. Lush has, however, “taken immediate steps to secure and screen all systems in order to contain the incident” and limit its impact on the company’s operations.

Cosmetics firms in the crosshairs

Until Lush reveals more details, we can only speculate, but given that the company now seeks to “contain the incident”, there is a chance that it fell victim to a ransomware attack. 

Usually, ransomware operators will try to encrypt all of the data found on the victim network and exfiltrate it, in order to sell it back for cryptocurrency.

During ransomware attacks, businesses will sometimes shut down their systems to prevent total encryption, and will seek to restore compromised endpoints with the help of backups. 

Even though beauty and cosmetics firms are not the most popular target among ransomware operators, they still get hit from time to time. Estee Lauder, for example, has suffered at least two cyberattacks in recent years, one in 2020, and another one in 2023.

In mid-July 2023, Estee Lauder said the hackers managed to steal some data from its systems and disrupt parts of its operations. The company managed to restore its systems, but was also forced to take down parts of its infrastructure to contain the incident. 

“We take cyber security exceptionally seriously and have informed relevant authorities,” Lush concluded in its announcement. The authorities, besides the police and possibly Europol, would also include the Information Commissioner’s Office (ICO).

TechRadar Pro has contacted Lush for comment.

More from TechRadar Pro

• Estée Lauder suffers massive breach, 400m records exposed
• Here's a list of the best firewalls around today
• These are the best endpoint security tools right now