Skip to main content
Skip to navigation

Regulatory Enforcement

Fashion retailer Zoetop to pay $1.9M over data breach response

By Adrianne Appel2022-10-17T17:37:00

Zoetop, parent company to online clothing retailers SHEIN and ROMWE, agreed to pay $1.9 million as part of a settlement with the New York Attorney General’s Office for failing to properly protect customer information compromised during a 2018 data breach.

Zoetop did not properly protect customer data before or after the breach and “downplayed the extent” of the incident, New York Attorney General Letitia James said in an Oct. 12 press release.

Zoetop didn’t know where on its system it stored customer credit card information, James alleged. It allowed some credit card transaction information to be stored in plain text, she said, and used an algorithm to protect customer passwords that was known to be weak.

THIS IS MEMBERS-ONLY CONTENT

cw-membership

You are not logged in and do not have access to members-only content.

If you are already a registered user or a member, SIGN IN now.

Related articles

News Brief
Former bank CEO pleads guilty in Venezuela-linked fraud and sanctions violations

2026-03-27T22:52:00Z By Oscar Gonzalez

A former bank chief executive has pleaded guilty in a U.S. federal court to charges tied to a multimillion-dollar fraud and sanctions evasion scheme linked to Venezuela. This follows the U.S. removal of Venezuelan President Nicolás Maduro from the country, and has opened up the country for trading oil and ...
Article
Gavin Proudley, SVP Risk & Compliance at Dow Jones, on compliance challenges from divergent rules and geopolitics

2026-03-27T22:27:00Z By Ruth Prickett

Diverging global rules, sanctions, and tariffs being “weaponized,” and more have made compliance complex even before the U.S. strikes on Iran. We asked Gavin Proudley, SVP Risk & Compliance at Dow Jones, what this means for compliance managers and how they can stay ahead of shifting geopolitics and tighter ...
Article
Ex-Capula CCO refiles whistleblower retaliation lawsuit

2026-03-26T18:01:00Z By Jaclyn Jaeger

The former U.S. chief compliance officer of London-based hedge fund Capula Investment Management, who alleged he was fired for escalating “significant regulatory compliance issues” to senior management, refiled his lawsuit in state court after his original complaint was dismissed in federal court on jurisdictional grounds.

More from Regulatory Enforcement

Article
DOJ makes good on corporate-friendly enforcement policy with Balt resolution

2026-03-24T19:09:00Z By Adrianne Appel

The ink was barely dry on the U.S. Department of Justice’s new corporate enforcement policy (CEP) when the agency announced it would not prosecute Balt SAS for alleged bribery violations.
Article
BoA settles class-action related to its dealings with Jeffrey Epstein

2026-03-20T18:24:00Z By Adrianne Appel

Bank of America has agreed to settle a class-action lawsuit alleging know-your-customer and other failings in its dealings with convicted sex offender Jeffrey Epstein.
News Brief
SEC’s Uyeda: ‘Enforcement is the wrong way’ to handle off-channel communications

2026-03-19T21:08:00Z By Aaron Nicodemus

The U.S. Securities and Exchange Commission’s Mark Uyeda told an audience of investment advisers that the SEC will no longer prioritize stand-alone enforcement actions for violations of the SEC’s rules on off-channel communications.