Fashion retailer Zoetop to pay $1.9M over data breach response
By 
Adrianne Appel2022-10-17T17:37:00
Zoetop, parent company to online clothing retailers SHEIN and ROMWE, agreed to pay $1.9 million as part of a settlement with the New York Attorney General’s Office for failing to properly protect customer information compromised during a 2018 data breach.
Zoetop did not properly protect customer data before or after the breach and “downplayed the extent” of the incident, New York Attorney General Letitia James said in an Oct. 12 press release.
Zoetop didn’t know where on its system it stored customer credit card information, James alleged. It allowed some credit card transaction information to be stored in plain text, she said, and used an algorithm to protect customer passwords that was known to be weak.
Related articles
-
ArticleSenate Democrats question Vought on comments about closing CFPB in months
Senate Democrats warned OMB Director Russell Vought Tuesday that it would be illegal for the Trump administration to shut down the Consumer Financial Protection Bureau, citing a recent court decision barring actions that could severely harm the agency.
-
ArticleCalifornia climate rules cause uncertainty as CARB delays draft guidance
California has delayed the release of draft greenhouse gas reporting rules for businesses until early 2026, the California Air Resources Board said.
-
ArticleNine states collaborating on data privacy enforcement across state lines
Nine states are collaborating to write and enforce comprehensive data privacy laws, in an effort to protect consumers across jurisdictions and due to the absence of a broad, federal privacy law.
More from Regulatory Enforcement
-
PremiumAssessing the impact of the DOJ’s monitorship policy six months in
It has been nearly six months now since the Department of Justice’s (DOJ) Criminal Division released its memorandum on the selection of compliance monitors. This article provides a critical analysis of the monitorships that received early terminations, those that remain in place, and the broader compliance lessons they impart.
-
News BriefBinance’s Changpeng Zhao receives presidential pardon from Trump
The founder of crypto exchange Binance, Changpeng Zhao, received a pardon from President Donald Trump. This pardon comes almost two years after Zhao signed a plea agreement and was sentenced to a four-month prison sentence.
-
ArticleOCC drops $10M fine against former Wells Fargo risk officer fingered in “fake accounts” scandal
A former Wells Fargo risk officer previously ordered to pay $10 million by the Department of the Treasury’s Office of the Comptroller of the Currency (OCC) for her alleged role in the bank’s “fake accounts” scandal is completely off the hook, according to an OCC consent order issued Tuesday.