Fashion retailer Zoetop to pay $1.9M over data breach response
By 
Adrianne Appel2022-10-17T17:37:00
Zoetop, parent company to online clothing retailers SHEIN and ROMWE, agreed to pay $1.9 million as part of a settlement with the New York Attorney General’s Office for failing to properly protect customer information compromised during a 2018 data breach.
Zoetop did not properly protect customer data before or after the breach and “downplayed the extent” of the incident, New York Attorney General Letitia James said in an Oct. 12 press release.
Zoetop didn’t know where on its system it stored customer credit card information, James alleged. It allowed some credit card transaction information to be stored in plain text, she said, and used an algorithm to protect customer passwords that was known to be weak.
Related articles
-
News BriefFTC orders AI firms to disclose safeguards for children and teens
AI chatbots are increasingly used by children and teens, prompting the FTC to order seven AI companies to explain how they monitor potential harms to minors.
-
News BriefDOJ sues Uber over alleged discrimination against disabled riders
The DOJ sued Uber Thursday, alleging it violated the Americans with Disabilities Act (ADA) by denying people with disabilities equal access to its services.
-
ArticleEU targets crypto, fintech firms in push to tackle money laundering
Europe’s banking regulator warns that weak compliance at fintech, regtech, and crypto firms may let money laundering and terrorist financing risks slip through. The EBA also found EU regulators’ approaches are often inconsistent and unclear.
More from Regulatory Enforcement
-
ArticleCalifornia, Colorado, and Connecticut launch joint crackdown on privacy violators
California, Colorado, and Connecticut launched a joint enforcement sweep against businesses that fail to honor consumers’ online opt-out requests, the states announced Tuesday.
-
News BriefFreight forwarder fined $1.6M after using OFAC-blocked Venezuelan, Iranian carriers
A Houston-based freight forwarder, Fracht FWO Inc., will pay $1.6 million for violating U.S. sanctions tied to Venezuela and Iran, according to the Treasury Department’s Office of Foreign Assets Control (OFAC). The fine comes as OFAC ramps up enforcement in recent months.
-
ArticleCFTC clears deck of ‘compliance’ enforcement actions to focus on fraud
BNY, Citigroup, Santander, UBS, and two other financial institutions paid a total of $8.3M to settle separate compliance violations with the CFTC.