Fashion retailer Zoetop to pay $1.9M over data breach response
By 
Adrianne Appel2022-10-17T17:37:00
Zoetop, parent company to online clothing retailers SHEIN and ROMWE, agreed to pay $1.9 million as part of a settlement with the New York Attorney General’s Office for failing to properly protect customer information compromised during a 2018 data breach.
Zoetop did not properly protect customer data before or after the breach and “downplayed the extent” of the incident, New York Attorney General Letitia James said in an Oct. 12 press release.
Zoetop didn’t know where on its system it stored customer credit card information, James alleged. It allowed some credit card transaction information to be stored in plain text, she said, and used an algorithm to protect customer passwords that was known to be weak.
THIS IS MEMBERS-ONLY CONTENT
You are not logged in and do not have access to members-only content.
If you are already a registered user or a member, SIGN IN now.
Related articles
-
ArticleNew DOJ fraud division means broad realignment of resources and attorneys
A new Department of Justice (DOJ) division will lead investigations of government fraud, and take over duties—and staff, and funds– currently handled by other DOJ divisions and government agencies, Acting Attorney General Todd Blanche announced.
-
NewsFinCEN proposes overhaul of AML rules, ending 2024 risk assessment requirements
A rule overhaul proposed by the U.S. Treasury Department’s Financial Crimes Enforcement Network is designed to reduce compliance burden, which would free up banks from tracking all but the most egregious illicit financial activities.
-
News BriefHead of the DOJ’s Criminal Division to speak at CW National Conference
Assistant Attorney General (AAG) of the Criminal Division at the U.S. Department of Justice, A. Tysen Duva, will be a keynote speaker on Day Two of Compliance Week’s National Conference in Washington, D.C.
More from Regulatory Enforcement
-
ArticleCMA holds companies responsible for false claims, fake reviews ‘throughout supply chain’
Companies face large fines if they spread false marketing claims or fake reviews about their products and services—as well as those by suppliers—under a toughened competition regime in the U.K. aimed at enhancing consumer protection.
-
ArticleFTC warns VISA and other processors that company policies may lead to debanking
Visa, Mastercard, PayPal, and Stripe have received letters from the Federal Trade Commission, warning the companies to end any policies or terms of service that may result in the “debanking” of customers.
-
ArticleDOJ makes good on corporate-friendly enforcement policy with Balt resolution
The ink was barely dry on the U.S. Department of Justice’s new corporate enforcement policy (CEP) when the agency announced it would not prosecute Balt SAS for alleged bribery violations.