E-commerce retailer Zoetop Business Co. Ltd. has agreed to pay $1.9 million to New York state for its mishandling of a 2018 data breach that exposed the personal information of over 45 million shoppers worldwide.
An investigation by state attorney general’s office found that Zoetop, which owns fast-fashion brands Shein and Romwe, failed to adequately protect consumer data before the breach and misrepresented the scope of the attacks afterward, according to the state’s Wednesday press release. Roughly 800,00 New Yorkers were affected overall, it said.
In addition to the financial penalty, Zoetop’s settlement includes an agreement to bolster its ...