Last month, this blog reported that the UK site of Lush cosmetics had been hacked. Three weeks later, Lush customers in Australia and New Zealand are being notified by email that those Lush sites were hacked as well. The breaches occur to be separate hacks and reportedly only affect those who placed orders online. The UK attacks resulted in some reports of card fraud.
Update: Mozo reports that 40,000 customers may be affected.