The attack and compromise of their e-commerce site in the UK caused the company to not only launch an investigation but to completely shut down their site and rebuild from the ground up.
The implications of being hacked are generally thought of as simply an image problem - will customers come back after getting "the letter" or will they simply stay away?
Research and revenue have shown that customers can be more forgiving than some of us would like, but there is a definite dip in revenue, even if temporary. What makes this case unique is that Lush Cosmetics has actually completely shut down its e-commerce website.
Lush left this message for its customers:
"A completely separate, temporary website will be launched in a few days - initially taking PayPal payments only."
That's not good. Losing even a few days of global online revenue, plus the reputation of being offline a 'few days', is pretty bad, and you don't need an MBA to acknowledge that.
Only this is where the matter gets worse. News is that the site will be down for several months while it is completely rebuilt from scratch... now there is an ouch.
"The firm's ethics director, Hilary Jones, said: 'The temporary site will be ready soon, but the rebuilt site - that's a few months off.'
She said the new website was being built internally. She said the company didn't know what the effects would be on sales, saying looking after customers was the priority."
I don't have any experience in sales forecasting, but I can tell you exactly what the effect will be on sales - negative.
The percentage? Only time will tell... As a customer, would you go back to a site that was not only allegedly irresponsible with your credit card data, but then was also offline for quite some time? Again, only time will tell.
Businesses looking to take the risk of compromise head-on, opting for the "we won't get hacked" mantra, should carefully reconsider. Even if your customers don't hold you accountable, how long will you be down as a result, and how much will that cost you in sales?
Now... compare that against the cost of doing the right thing and applying proper security to the sites you build - I bet the ROI is there.
Think carefully - these types of cases of real-life exploit followed by catastrophic business losses are starting to pile up. Will your company be next?
Remember, the hungry predator doesn't care that the ostrich has its head in the sand. It can still see you - and eat you.
Source: infosecisland.com