Fashion retailer Zoetop to pay $1.9M over data breach response
By 
Adrianne Appel2022-10-17T17:37:00
Zoetop, parent company to online clothing retailers SHEIN and ROMWE, agreed to pay $1.9 million as part of a settlement with the New York Attorney General’s Office for failing to properly protect customer information compromised during a 2018 data breach.
Zoetop did not properly protect customer data before or after the breach and “downplayed the extent” of the incident, New York Attorney General Letitia James said in an Oct. 12 press release.
Zoetop didn’t know where on its system it stored customer credit card information, James alleged. It allowed some credit card transaction information to be stored in plain text, she said, and used an algorithm to protect customer passwords that was known to be weak.
Related articles
-
PodcastStudy: Compliance managers must set rules in race to adopt AI agents and copilots
More than half of all compliance teams are “actively using” or “piloting” AI applications, according to a Moody’s report. While most are focusing on streamlining routine tasks, some are developing AI agents and asking vital questions about AI decision-making.
-
ArticleFlorida seafood exec faces 10 years for crab claw price fixing
A Florida seafood company executive has pleaded guilty to conspiring with competitors to fix the prices he paid to local fishers, an effort that impacted more than $8 million in wholesale fish and cut the pay of hundreds of fishers, the Department of Justice said.
-
ArticleFormer U.S. clothing business CEO faces 25 years for bribery in Honduras
The former CEO of a Georgia clothing business faces 25 years in prison for bribing Honduran officials to win $10 million in uniform contracts in Honduras, after being caught up in a Department of Justice Anticorruption Task Force.
More from Regulatory Enforcement
-
News BriefDOJ sues Uber over alleged discrimination against disabled riders
The DOJ sued Uber Thursday, alleging it violated the Americans with Disabilities Act (ADA) by denying people with disabilities equal access to its services.
-
ArticleEU targets crypto, fintech firms in push to tackle money laundering
Europe’s banking regulator warns that weak compliance at fintech, regtech, and crypto firms may let money laundering and terrorist financing risks slip through. The EBA also found EU regulators’ approaches are often inconsistent and unclear.
-
ArticleCalifornia, Colorado, and Connecticut launch joint crackdown on privacy violators
California, Colorado, and Connecticut launched a joint enforcement sweep against businesses that fail to honor consumers’ online opt-out requests, the states announced Tuesday.