Lime Crime Security Breach
By Dennise DeJesus
In recent months, the makeup brand Lime Crime has gained notoriety within the beauty community, having its website security breached in October 2014.
Many customers’ bank and credit card information was stolen from purchases within this time frame. This led to a great controversy regarding the company due to the fact that its founder, Doe Deere, failed to inform customers by email when the security of the site was breached.
Instead, the company informed customers of the security breach on Instagram posts in February 2015.
Customers questioned these posts regarding Lime Crime’s actions on handling the incident.
Founded by Xenia Vorotova a.k.a. Doe Deere in 2008, Lime Crime is an independent makeup company that sells and produces makeup products such as lipstick, eyeliner, nail polish and eyeshadow palettes in unique colors that cannot be acquired normally. They also promote themselves as a cruelty-free vegan company.
To differentiate itself from other competitors, Lime Crime identifies itself with cute, purple unicorn packaging on their lipstick. They also gained popularity with their bestselling liquid lipstick, the Velvetines.
After Doe Deere announced the security breach on Instagram, a wave of angry uproar filled the comment posts on social media. Informative reaction videos appeared on YouTube chronicling the situation. Posts filled with angry, hateful comments attacking Deere and the company flooded their Instagram and other social media accounts with hyperlinks such as “#boycottlimecrime.”
Anti-fan accounts appeared as negativity filled these pages, hoping to expose Deere’s business practices and unprofessionalism. Deere eventually privatized her and Lime Crime’s account on Instagram in response to the hostile behavior of “followers.”
One main criticism regarding the scandal is the security regarding the website. Under normal circumstances, a website would use an HTTPS instead of an HTTP for security procedures on a website.
Commenters pointed this out when discussing the security of the website. Another main criticism is that Deere let the security breach continue for months before taking action and informing customers. In response to this, Deere compared the security breach to the other major hacking incidents of Target and CitiBank.
In response to the announcements, customers who purchased in the past expressed their opinions to boycott Lime Crime and potential customers who followed both Instagram accounts decided to not purchase from the site, concerned that their information could possibly be taken as well.
Additionally, it created distrust with the company and Deere. In light of the controversy, she and Lime Crime announced that they will participate in IMATS NYC in April.
The security breach is considered a “cherry on top” among the faulty actions and behaviors of Deere. Because her behavior and business practices are known, there is a Tumblr account called “ohdeardoedeere” dedicated to explaining the origins of Lime Crime with a timeline.
Critics of Deere and Lime Crime have accused the company of being the opposite of a cruelty-free vegan makeup company due to some products containing beeswax and production that takes place in China that requires animal testing.
There are also complaints that the products from Lime Crime are not high quality. According to ohdeardoedeere, there was an incident where customers complained that hair was found in lipstick bottles.
Deere’s behavior has equaled in reaction to the way the company is handled. Her behavior has included flaunting her wealth instead of giving advice to future entrepreneurs, leaving offensive comments, and extortion from customers from a so-called “charity event.”
After a two week hiatus, the Lime Crime website finally reopened for business. On social media sites, the company promotes restocking products and trying to move forward despite scrutiny.