Fashion retailer Zoetop to pay $1.9M over data breach response
By 
Adrianne Appel2022-10-17T17:37:00
Zoetop, parent company to online clothing retailers SHEIN and ROMWE, agreed to pay $1.9 million as part of a settlement with the New York Attorney General’s Office for failing to properly protect customer information compromised during a 2018 data breach.
Zoetop did not properly protect customer data before or after the breach and “downplayed the extent” of the incident, New York Attorney General Letitia James said in an Oct. 12 press release.
Zoetop didn’t know where on its system it stored customer credit card information, James alleged. It allowed some credit card transaction information to be stored in plain text, she said, and used an algorithm to protect customer passwords that was known to be weak.
Related articles
-
ArticleJudge orders CVS to pay nearly $290M for Medicare false claims
CVS’s Caremark division knowingly overcharged Medicare for prescription drugs and must pay nearly $290 million, a Pennsylvania federal judge has ordered.
-
WebcastCPE Webcast: Navigating Evolving Regulations: Key Insights for Compliance Leaders
This webinar tackles the current legal landscape head-on, giving compliance officers a practical lens on the latest developments impacting your oversight responsibilities.
-
Basic PageDOJ, EPA take legal action against the California Air Resources Board
The U.S. Department of Justice has filed two lawsuits against the California Air Resources Board, claiming it no longer has the legal right to enforce strict emissions rules for heavy-duty trucks.
More from Regulatory Enforcement
-
News BriefSEC charges duo in $275 million water vending machine Ponzi scheme
The owner of a water machine vending company and a portfolio manager were allegedly behind a Ponzi-like scheme that raised more than $275 million, according to the U.S. Securities and Exchange Commission.
-
Basic Page‘Extraordinary cooperation’ pays off for PFS Investments
As regulators shift toward rewarding transparency, self-regulation and self-reporting, the way PFS Investments handled a longstanding problem serves as an example of how proactive remediation can turn a costly compliance error into a manageable regulatory outcome.
-
ArticleDOJ charges Texas businessmen in alleged bribery scheme over PEMEX oil contracts
The Department of Justice says two Mexican businessmen living in Texas allegedly bribed Mexican officials to secure $2.5 million in contracts with Petróleos Mexicanos, Mexico’s state-owned oil company, and a subsidiary.