Fast Fashion Retailer Data Breach Draws $1.9M Fine
New York AG fines Shein and Romwe parent company for failure to protect customer data and downplaying the 2018 compromise of 46 million shopper records.
In the wake of a June 2018 breach in which more than 46 million shopper records were compromised, the New York Attorney General's Office fined Zoetop Business Company $1.9 million. Zoetop's operation includes fast-fashion brands Shein and Romwe.
Attorney General Letitia James said in a statement that Zoetop not only failed to protect customer data, but also lied about the scope of the breach, which ultimately affected 39 million Shein accounts and 7 million Romwe accounts. Of those victims, James' office estimates 800,000 are New York residents.
“Shein and Romwe's weak digital security measures made it easy for hackers to shoplift consumers’ personal data,” James said about the Zoetop fine. "Shein and Romwe must button up their cybersecurity measures to protect consumers from fraud and identity theft. This agreement should send a clear warning to companies that they must strengthen their digital security measures and be transparent with consumers; anything less will not be tolerated.”
About the Author
You May Also Like
Transform Your Security Operations And Move Beyond Legacy SIEM
Nov 6, 2024Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024Securing Tomorrow, Today: How to Navigate Zero Trust
Nov 13, 2024The State of Attack Surface Management (ASM), Featuring Forrester
Nov 15, 2024Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024