With some 64 stores across the UK, the retailer offers the option to buy products online. It is this service which has been potentially compromised.
Despite the fact that the information behind exactly what caused the hack would prove invaluable to other companies concerned about the security of their eCommerce sites.
As reported by IT Pro, security expert Dodi Glenn said “Lakeland should work with the authorities to identify what information was leaked. Customers should have the right to know if their credit card numbers were stolen,” said Glenn.
“Lakeland and others should take note that being proactive instead of reactive is the best approach, because brand reputation is priceless.”
It has been confirmed that an internal police investigation will be taking place, and in order to do this Lakeland will be releasing the details to the police department. However, there’s still no indication that Lakeland are willing to release the details to other eCommerce retailers.
Password Protection
Though Lakeland are adamant that the changing of passwords is meant only as an extra security measure, it brings to light the very real issue of online security and its implementation by the users themselves.
It’s not uncommon for internet users to use the same password for multiple logins – from their online banking accounts, to their online council tax payments.
Speaking to Computer Weekly, Graham Cluley, a renowned online security expert, said “Far too many people use the same password for multiple websites, meaning that if their password gets hacked in one place they could find other online accounts are subsequently compromised.”
There’s no doubt that the compromise of such a large retailer’s online integrity will inspire other retailers to take a long hard look at their online security.
Andrew Mason, co-founder and Technical Director of security company RandomStorm, has said of the incident: “The Lakeland web security breach demonstrates the need for companies to continuously monitor their networks for vulnerabilities and active threat vectors and to act upon the vulnerability reports.”
One important thing for companies to bear in mind is that if any customer data is stolen, there could be a hefty fine in store if it was found to be preventable.
Whether Lakeland has actually suffered any significant data losses is yet to be discovered, leaving everyone at the firm in the dark for now.