The holding company behind the retailer giant Shein and Romwe, Zoetop, has been fined $1.9 million after allegedly failing to inform its customers of a data breach. The undisclosed data breach reportedly affected millions of users, according to a notice from the New York’s attorney general’s office. The breach reportedly occurred in 2018 and happened when Zoetop failed to secure its customers’ data. After the breach occurred, the company did not inform its customers and attempted to keep the impact of the leak quiet.
The New York attorney general’s office stated that the information exposed in the breach included credit cards and personal information, including emails and hashed passwords. The breach reportedly affected 39 million Shein and 7 million Romwe accounts. More than 800,000 of the accounts belonged to New Yorkers. The NY attorney general stated that the data breach was caused by poor digital security measures on behalf of the e-commerce websites.
Read More: Shein Holding Company Fined $1.9m For Not Disclosing Data Breach