Skip to main content
Skip to navigation

Regulatory Enforcement

Fashion retailer Zoetop to pay $1.9M over data breach response

By Adrianne Appel2022-10-17T17:37:00

Zoetop, parent company to online clothing retailers SHEIN and ROMWE, agreed to pay $1.9 million as part of a settlement with the New York Attorney General’s Office for failing to properly protect customer information compromised during a 2018 data breach.

Zoetop did not properly protect customer data before or after the breach and “downplayed the extent” of the incident, New York Attorney General Letitia James said in an Oct. 12 press release.

Zoetop didn’t know where on its system it stored customer credit card information, James alleged. It allowed some credit card transaction information to be stored in plain text, she said, and used an algorithm to protect customer passwords that was known to be weak.

THIS IS MEMBERS-ONLY CONTENT

cw-membership

You are not logged in and do not have access to members-only content.

If you are already a registered user or a member, SIGN IN now.

Related articles

Article
Retail energy compliance must focus on resilience and reporting

2025-12-26T12:00:00Z By Ruth Prickett

Cybercrime and national critical infrastructure responsibilities are key concerns for retail energy sector compliance. Resilience is vital for companies that keep the lights on and power financial institutions and hospitals.
Opinion
The invisible cost of digital defense on mental health

2025-12-26T12:00:00Z By By Timothy Miller, CW guest columnist

Cybersecurity professionals, particularly those in leadership roles, often face immense pressure and stress due to the constant threat of cyberattacks.
Opinion
How to identify and mitigate risks posed by Foreign Terrorist Organizations

2025-12-24T18:55:00Z By Michael K. Atkinson and Caroline E. Brown, CW guest columnists

Since Inauguration Day on Jan. 20, 2025, the Trump Administration has made it a priority to expand the list of designated Foreign Terrorist Organizations.

More from Regulatory Enforcement

Article
Tariff evasion enforcement: The new FCPA

2025-12-24T16:46:00Z By Jaclyn Jaeger

Companies that import goods into the United States will face heightened enforcement scrutiny for attempted acts of customs fraud, including tariff evasion, under the Trump administration. Thus, chief compliance officers and in-house counsel face a new kind of pressure to ensure they are mitigating risk in this area.
Article
Former COO of plastics importer faces up to five years for customs falsifications

2025-12-24T13:54:00Z By Adrianne Appel

The chief operating officer of a plastic resin importer has pleaded guilty to intentionally falsifying documents to avoid paying tariffs on goods from China, the Department of Justice (DOJ) announced.
Article
Cybercrime against banks and account holders takes hit from FBI

2025-12-23T21:50:00Z By Adrianne Appel

Federal investigators have announced progress in dismantling an online criminal operation that steals bank account information by mimicking legitimate bank websites.