How latest Lush data breach could have been avoided

The news that a selection of Lush customers who shopped at its online store between October and January have had their card details stolen shows that retailers need more support in understanding the protection of cardholder data.

Problems like this not only do potential long-term damage to a strong and successful brand, but are also completely avoidable.

In this day and age, payment service providers have technology that will enable all merchants to successfully serve their customers without having to worry about storing card numbers themselves.

Merchants can also do more to protect card details and should consider using Tokenisation, an additional encryption capability that replaces sensitive data with unique identification symbols. The token can be accessed by the merchant for reporting and future purchases, but the credit card details remain secure at all times.

By working in tandem with payments experts problems like these should be just a distant memory for retailers.