The hacking of commercial websites can have real world consequences. Case in point: http://www.lush.co.uk
The United Kingdom website for Lush, a cosmetics retailer, voluntarily was shut down after having been hacked recently. According to an announcement posted on the website, ongoing monitoring demonstrated that the site continues to be targeted for further hacking entry attempts.
Thus, in order not to put its customers “at risk,” the website will remain closed. Meanwhile, Lush plans to set up an independent website soon that will be able to take orders for Lush products and will accepts payments via PayPal. Notwithstanding the hacking and subsequent site shut down, Lush has emphasized that orders can be placed in its stores and over the telephone. That is well and good, but of course, Lush would prefer not to have lost the revenue stream from its UK website. Plainly, hacking causes business interruption and decreased revenue flow for companies that are victims of such activities. And one of the reasons for such interruption and decreased revenues is the potential responsibilities owed by companies to their customers.
Companies will be looked to by their customers and possibly by regulators to be transparent in terms of online security breaches and to protect the private data of customers. Indeed, according to Internet legal expert Jonathan Armstrong, the UK has adopted new rules on online advertising and the Office of Fair Trading there recently instituted a campaign on online fairness.
In a best case scenario, hackers will not be successful in penetrating and disrupting websites. But when they do succeed, remedial actions and openness make abundant sense.