Fashion retailer Zoetop to pay $1.9M over data breach response
By 
Adrianne Appel2022-10-17T17:37:00
Zoetop, parent company to online clothing retailers SHEIN and ROMWE, agreed to pay $1.9 million as part of a settlement with the New York Attorney General’s Office for failing to properly protect customer information compromised during a 2018 data breach.
Zoetop did not properly protect customer data before or after the breach and “downplayed the extent” of the incident, New York Attorney General Letitia James said in an Oct. 12 press release.
Zoetop didn’t know where on its system it stored customer credit card information, James alleged. It allowed some credit card transaction information to be stored in plain text, she said, and used an algorithm to protect customer passwords that was known to be weak.
THIS IS MEMBERS-ONLY CONTENT
You are not logged in and do not have access to members-only content.
If you are already a registered user or a member, SIGN IN now.
Related articles
-
PremiumDelayed UK antitrust case underscores compliance, reputational risks
Antitrust infringement cases in the United Kingdom can run on for years, but there’s a question whether issuing fines that are dwarfed by the revenues of those organisations involved is a worthy deterrent—particularly if they are imposed over a decade after the misconduct ended. It’s also debatable whether the first ...
-
AnalysisMental health is a rampant issue for cyber pros, and it needs more attention
Cybersecurity has become one of the most important parts of business operations, particularly as companies face a data breach, attack, or disruption of service. But the impact this responsibility is having on cyber pros needs more attention.
-
Basic PageEthics education is key, says Tom Hardin AKA “Tipper X”
Tom Hardin AKA “Tipper X” went from a young trader with his whole career ahead of him to an inside trader who got caught, acted as a Federal Bureau of Investigation informant for two years, and pleaded guilty to a felony.
More from Regulatory Enforcement
-
News BriefFTC sues Uber over deceptive subscriptions, a rare move for consumers by Trump officials
The Federal Trade Commission (FTC) filed a lawsuit against Uber, alleging the ride-hailing company signed customers up for its Uber One subscription without consent, then made it hard for them to cancel. The move marks the U.S. government’s latest broadside against big tech companies, and the first major action from ...
-
News BriefCFPB pullback signals further shift toward industry-friendly regulation
The U.S. Consumer Financial Protection Bureau continues to unravel amid pressure from Trump administration officials to shutter the agency. Not only has the agency informed its employees that it will no longer be a watchdog for the financial services industry, it has also laid off employees despite court orders blocking ...
-
News BriefTrump’s CFPB, dismissing Comerica case, continues to cut down Biden-era lawsuits
The Consumer Financial Protection Bureau dropped yet another consumer protection lawsuit against a bank or fintech provider since Donald Trump was sworn in as president in January. This time, it was with Comerica Bank.