October 12, 2022

The owner of popular fashion ecommerce websites SHEIN and ROWME, Zoetop Business Company, Ltd., has agreed to pay $1.9 million to settle charges that it failed to properly safeguard consumer information, failed to protect accounts impacted by a data breach, and downplayed the extent of the breach to consumers.  In June 2018, attackers stole the names, email addresses, hashed passwords, and credit card information of 39 million SHEIN consumers worldwide, but Zoetop failed to alert more than 32.5 million of them that their login credentials had been compromised.  Two years later, Zoetop discovered that 7 million ROWME consumers were also affected.  AG NY

Tagged in: Cybersecurity and Data Breaches,