Fashion retailer Zoetop to pay $1.9M over data breach response
By 
Adrianne Appel2022-10-17T17:37:00
Zoetop, parent company to online clothing retailers SHEIN and ROMWE, agreed to pay $1.9 million as part of a settlement with the New York Attorney General’s Office for failing to properly protect customer information compromised during a 2018 data breach.
Zoetop did not properly protect customer data before or after the breach and “downplayed the extent” of the incident, New York Attorney General Letitia James said in an Oct. 12 press release.
Zoetop didn’t know where on its system it stored customer credit card information, James alleged. It allowed some credit card transaction information to be stored in plain text, she said, and used an algorithm to protect customer passwords that was known to be weak.
Related articles
-
News BriefFCA fines Monzo digital bank $28 million for AML, KYC failures
Britain’s Financial Conduct Authority has fined the online bank Monzo the equivalent of more than $28 million for failing to properly collect customer information and protect against financial crimes. The move is the latest in a series of efforts by British authorities to combat chronic money laundering and other crimes ...
-
PremiumDiscover, in allowing misclassification problem to fester, pushed compliance aside
Federal banking regulators have laid the blame for Discover Financial Services charging merchants $1 billion in excessive credit card fees over 17 years squarely at the feet of company executives.
-
News BriefU.S. Labor Department advances sweeping deregulation push targeting worker protections
The U.S. Department of Labor (DOL) appears to be in the process of deregulating work rules. Some of the changes proposed would result in a reduction of pay for certain health workers and allow minors to work hazardous jobs.
More from Regulatory Enforcement
-
News BriefCFPB drops $95M enforcement action against Navy Federal, without explanation
The Consumer Financial Protection Bureau has dropped a $95 million enforcement action against Navy Federal Credit Union, the latest regulatory pullback by the agency under President Donald Trump.
-
ArticleFCA drops ‘naming and shaming’ approach – except in ‘exceptional circumstances’
The UK’s financial regulator has had a rough ride over the past couple of years as its strategy to “name and shame” firms it opened investigations into was widely slammed by the industry and lawmakers over concerns that companies could be unfairly maligned.
-
News BriefDOJ targets $14.6B in health care fraud with focus on transnational crime
Emerging enforcement priorities of the U.S. Department of Justice’s health care fraud division align with the Trump administration’s emphasis on prosecuting transnational criminal organizations and ending opioid trafficking.