NY AG Wins $1.9M Settlement in Data Breach Case
New York Attorney General Letitia James won a $1.9 million settlement with online retailer Zoetop, owner and operator of the e-commerce brands Shein and Romwe, to resolve allegations that the company violated New York consumer protection laws by mishandling customer…
Sign up for a free preview to unlock the rest of this article
Export Compliance Daily combines U.S. export control news, foreign border import regulation and policy developments into a single daily information service that reliably informs its trade professional readers about important current issues affecting their operations.
data, blogged the Cozen O’Connor law firm Friday. James accused the company of misrepresenting the scope of a 2018 data breach that compromised the payment card information and personal data of millions of consumers worldwide, including 800,000 New Yorkers, it said. Hackers were able to access 39 million customer accounts, “and likely exfiltrated customer payment card information and personal data,” it said. The company failed to promptly notify its customers about the data breach and force a password reset for all account holders, it said. It also allegedly misrepresented the scope of the incident, and declined to fully cooperate with a “forensic investigator,” it said. Besides forfeiting the $1.9 million in penalties and costs, the company agreed to “maintain a comprehensive information security program that documents specific security measures and controls,” it said.