Africana55 Radio 
English
Afrikaans
Albanian
Amharic
Arabic
Armenian
Azerbaijani
Basque
Belarusian
Bengali
Bosnian
Bulgarian
Catalan
Cebuano
Chichewa
Chinese (Simplified)
Chinese (Traditional)
Corsican
Croatian
Czech
Danish
Dutch
Esperanto
Estonian
Filipino
Finnish
French
Frisian
Galician
Georgian
German
Greek
Gujarati
Haitian Creole
Hausa
Hawaiian
Hebrew
Hindi
Hmong
Hungarian
Icelandic
Igbo
Indonesian
Irish
Italian
Japanese
Javanese
Kannada
Kazakh
Khmer
Korean
Kurdish (Kurmanji)
Kyrgyz
Lao
Latin
Latvian
Lithuanian
Luxembourgish
Macedonian
Malagasy
Malay
Malayalam
Maltese
Maori
Marathi
Mongolian
Myanmar (Burmese)
Nepali
Norwegian
Pashto
Persian
Polish
Portuguese
Punjabi
Romanian
Russian
Samoan
Scottish Gaelic
Serbian
Sesotho
Shona
Sindhi
Sinhala
Slovak
Slovenian
Somali
Spanish
Sudanese
Swahili
Swedish
Tajik
Tamil
Telugu
Thai
Turkish
Ukrainian
Urdu
Uzbek
Vietnamese
Welsh
Xhosa
Yiddish
Yoruba
Zulu
This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.
The owner of fast fashion brand Shein has been ordered to pay $1.9m to New York state over a data breach that affected millions of customers.
Zoetop Business Company, Ltd – which owns e-commerce brands Shein and Romwe – failed to properly handle a 2018 data breach in which the personal information of 39 million Shein accounts and seven million Romwe accounts were compromised, New York Attorney General Letitia James announced on Wednesday.
An investigation by the Office of the Attorney General found that hackers successfully stole credit card information and personal information, including names, email addresses, and account passwords of Shein customers.
After Zoetop learned of the hack, the company “failed to take adequate steps” to protect many of the affected accounts and “downplayed the extent of the cyberattack” to shoppers, according to the OAG. For the 39 million Shein accounts impacted by the data breach, Zoetop failed to alert customers whose login credentials had been stolen. The company has also been accused of “misrepresenting” the size and scope of the breach in several public statements to its customers.
Two years later, reportedly Zoetop discovered Romwe customer login credentials available on the dark web believed to be from the 2018 cyber attack.
“Shein and Romwe’s weak digital security measures made it easy for hackers to shoplift consumers’ personal data,” said James. “While New Yorkers were shopping for the latest trends on Shein and Romwe, their personal data was stolen and Zoetop tried to cover it up. Failing to protect consumers’ personal data and lying about it is not trendy.”
“Shein and Romwe must button up their cybersecurity measures to protect consumers from fraud and identity theft,” she continued. “This agreement should send a clear warning to companies that they must strengthen their digital security measures and be transparent with consumers, anything less will not be tolerated.”
As a result of the investigation, Zoetop has been ordered to pay $1.9m in penalties to New York state and must strengthen its cybersecurity measures to protect consumers’ information.
Chinese fast fashion brand Shein has become known for its inexpensive and abundant clothing options, and is now valued at $100bn. The e-commerce brand has been at the centre of much controversy since its founding in 2008, and faces accusations of worker exploitation, stealing ideas from independent designers, and contributing to the environmental damage caused by the fast fashion industry.
The Independent has contacted Zoetop Business Company, Ltd for comment.