Sign in / up

back to article UK pots 'n' pans outfit Lakeland scalded by hack attack

UK homeware retailer Lakeland is asking its customers to change their passwords as a precaution following a hack attack that allowed cybercrooks to reach two of its encrypted databases. Lakeland sent an email to customers late on Tuesday admitting the breach, and informing them that it was resetting passwords. Users will be …

COMMENTS

House rules Send corrections
This topic is closed for new posts.
  1. JimmyPage Silver badge

    I suspect we will see a lot more of this ..

    smaller, less well known e-commerce sites being targeted, on the assumption their security will be less bullet proof, and giving hackers access to a load of personal data they can then use on bigger sites.

    Once again: NEVER REUSE YOUR PASSWORD.

    2 2
    1. Jim 59
      Reply Icon

      Re: I suspect we will see a lot more of this ..

      ... and don't forget to check your Ubuntu forum password is not also reused for Amazon, or whatever. It was hacked the other day.

      0 1

  2. This post has been deleted by its author

  3. frank ly

    No worries?

    Since I never tick the box that says 'Save your card detail for future convenience' , then I don't have to worry about that sort of problem. Do I? Even if I did, they wouldn't store the 3-digit CC security code. Would they?

    I use Paypal wherever possible for this reason. I don't totally trust Paypal but I think it reduces my exposure.

    0 3
    1. Phil O'Sophical Silver badge
      Reply Icon

      Re: No worries?

      > they wouldn't store the 3-digit CC security code. Would they?

      If they do they'll be in big trouble with the card suppliers. Storing that is an absolute no-no, and could leave Lakeland liable to the costs.

      In fairness, the payment part of most websites is usually supplied by a bank, or related financial services company, it's just too risky and legally complex to knock-up a DIY version. I personally would trust Paypal a lot less than I'd trust a high-street business website.

      The email I got from Lakeland said that the problem was due to a recently-discovered flaw in Java, which implies that they weren't up-to-date with patches. Anyone know what OS the site runs?

      0 0
      1. smudge
        Reply Icon

        @ Phil O'Sophical

        Lakeland have removed from their website statement any detail of where the flaw is.

        Suggest you delete your post.

        0 0
        1. DaLo
          Reply Icon

          Re: @ Phil O'Sophical

          It says it was a Java flaw in the linked article.

          However it says it was a recently discovered flaw, it doesn't state whether it had been patched yet.

          As for the OS, there is a good chance they are running Linux - they appear to be running Apache web server.

          1 2
        2. Yes Me Silver badge
          Reply Icon
          Happy

          @ smudge

          "Suggest you delete your post"

          Because it's hot news that some versions of Java have security issues?

          Really, this horse left the stable quite a while ago...

          0 1
  4. Jim 59

    Who's downvoting in here ?

    Downvoter, you downvoted my neutral 1 sentence comment why, exactly ? And why were comments by DaLo, Frankly, and JimmyPage downvoted ?

    0 2
    1. Anonymous Coward
      Reply Icon
      Anonymous Coward

      Re: Who's downvoting in here ?

      Dunno why your original post was downvoted, but I did it with JimmyPage for overdramatic, patronising use of caps when stating something that 99% (if not more,) of the target audience already knows. Thanks for the revelation.

      I'm guessing your first downvote was someone thinking the same thing. Since the rest of us most likely read the article too.

      frank ly? Someone probably decided he sounded a bit complacent on a forum aimed at techinical types.

      DaLo? Because he suggested a hacked site might be running Linux, based on the rabis nature of some people on here. Surprised there weren't more than 30.

      I'm giving you your second because people who whinge about downvoting always get one from me. Suck it up, man ...

      1 1
      1. Stilted Banter
        Reply Icon

        Re: Who's downvoting in here ?

        Surely demanding explanations for downvotes is not really the done thing. Comes over as a bit rude, and kind of insecure. A downvoter's downvote is that downvoter's own affair.

        1 1

      2. This post has been deleted by its author

        1. This post has been deleted by its author

  5. nutburgers

    Be interesting to know how truly sophisticated the attack was ...

    Given that we hear again and again that in the majority of cases it is existing vulnerabilities that are being targeted, some pretty old.

    0 0
This topic is closed for new posts.

Other stories you might like