Shein owner fined $1.9M for failing to notify 39M users of data breach

Rita Liao
·3 min read

A data breach from 2018 is putting Shein under the spotlight as the ultra-fast fashion e-commerce platform continues to conquer Gen-Z markets across the world.

Zoetop, the firm that owns Shein and its sister brand Romwe, has been fined $1.9 million by New York for failing to properly handle a security incident, according to a notice from the state's Attorney General office this week. New York doesn't publicly release data breach notifications like Maine, New Hampshire, California, or other states, which is why the AG came so much later than when the cyberattack happened.

Shein, which was founded in China and recently moved its core assets to Singapore, saw explosive growth during the pandemic as the virus prevention pushed consumers to shop online. Its jaw-dropping affordability and vast clothing options have made it one of the fastest-growing consumer internet platforms worldwide in the past two years.

The firm's meteoric rise puts the once low-key fashion exporter from China on the spot. It went from having no dedicated PR personnel just a few years ago to now scrambling to handle mounting media inquiries about supply chain transparency and alleged design theft as it further grows and gears up for an IPO.

The data breach brings it yet another PR problem. The company claims it's significantly stepped up its security measures since.

"We have fully cooperated with the New York Attorney General and are pleased to have resolved this matter. Protecting our customers’ data and maintaining their trust is a top priority, especially with ongoing cyber threats posed to businesses around the world. Since the data breach, which occurred in 2018, we have taken significant steps to further strengthen our cybersecurity posture and we remain vigilant," Shein says in a statement.

What happened?

A cybersecurity attack that originated in 2018 resulted in the theft of 39 million Shein account credentials, including those of more than 375,000 New York residents, according to the AG's announcement. An investigation by the AG's office found that Zoetop only contacted "a fraction" of the 39 million compromised accounts, and for the vast majority of the users impacted, the firm failed to even alert them that their login credentials had been stolen.

The AG's office also concluded that Zoetop's public statements about the data breach were misleading. In one instance, the firm falsely stated that only 6.42 million consumers had been impacted and that it was in the process of informing all the impacted users.

A lot has changed since 2018. Shein has risen from an up-and-coming online fast fashion seller at the time to an all-encompassing e-commerce platform that is threatening Amazon. In the second quarter of this year, the app's U.S. downloads surpassed Amazon's for the first time. The data breach might be dated, but keep in mind that Shein has been operating since 2008, so four years is quite recent in the firm's history of existence. Cost-saving, trend-seeking Gen-Z consumers might continue to shop on Shein despite its publicity issues, but to win the trust of regulators and the general public, there's still much to be done.

  • Wells Fargo failing to protect customers from Zelle scams -Senator Warren

    In a letter dated Oct. 6 but made public on Thursday, Warren told Wells CEO Charles Scharf the "alarming pattern" was made worse by the bank's refusal to make its Zelle scam and fraud data public. In her letter, Warren, a prominent bank critic who sits on the Senate Banking Committee, claimed the bank's customers are reporting fraud and scams this year at a rate nearly 2.5 times higher than in 2019 and twice as high as those of other banks. Zelle did not immediately respond to requests for comment.

  • King Charles III coronation date revealed: What happens and will it be a bank holiday?

    King Charles III ascended the throne upon the death of Queen Elizabeth II in September, becoming the oldest new monarch in British history.

  • Browns coordinator feeling heat for disappointing defense

    BEREA, Ohio (AP) Under fire for a dysfunctional and disappointing defense, Browns coordinator Joe Woods opened his news conference Thursday by pointing out his recent lack of sleep. Cleveland's defense, loaded with playmakers and one of the NFL's biggest stars in edge rusher Myles Garrett, has woefully underperformed through five games and Woods is feeling the heat from a fan base demanding better and seeing little improvement.

  • German police arrest suspect in foiled plot to kidnap health minister

    German police have arrested a woman suspected of having been involved in a plot to kidnap health minister Karl Lauterbach earlier this year, federal prosecutors said on Thursday. The woman, a German national identified by police only as Elisabeth R., is suspected of having been ringleader of a radical group that plotted to kidnap Lauterbach and destroy power facilities to cause a nationwide power outage, the prosecutors said in a statement. Following the foiled kidnapping in April, prosecutors had detained four other suspects, who they said were affiliated with groups that opposed COVID-19 restrictions and with the far-right "Reichsbuerger" movement, which denies the existence of the modern German state.

  • Delta Air Lines stock up after reporting strong Q3 revenue

    Shares of Delta Air Lines are moving higher after the the company reported record revenue in its third quarter

  • 8 Akron Officers Involved In Jayland Walker Shooting Returned to Active Duty

    The eight officers who were involved in the shooting death of 27-year-old Jayland Walker have been reinstated to active duty, according to NBC News. Akron Police Chief Steve Mylett cited staff shortages as the reason for the decision. The officers, who have not been named, will not be on patrol in the city, but will “provide internal support in non-uniform roles until the investigation (of the shooting) is complete.”

  • Kremlin scolds West for 'provocative' nuclear rhetoric

    The Kremlin on Wednesday scolded Western leaders for engaging in "provocative" nuclear rhetoric after a series of warnings from Russia, the United States and NATO on the dangers of escalating the Ukraine conflict into a nuclear war. President Vladimir Putin on Sept. 21 warned the West he was not bluffing when he said he would be ready to use nuclear weapons to defend Russia against what he said was "nuclear blackmail" from major Western powers. U.S. President Joe Biden, who has cautioned that the world faced the biggest risk of nuclear Armageddon since the 1962 Cuban Missile Crisis, said he doubted that Putin would use a tactical nuclear weapon in Ukraine.

  • Why CEO Jamie Dimon Could Move Markets for Investors on Friday

    When Jamie Dimon speaks, Wall Street listens. The JPMorgan Chase (NYSE: JPM) CEO is on the short list of the most respected business and finance leaders in the country. Dimon has run the nation's No. 1 bank by assets for more than 16 years.

  • New York condominium sells for $2 million

    A condominium built in 1986 has changed hands. Din Allall and Sigalit Allall acquired the property in the 200 block of 61st Street from David Mardkha on July 28, 2022. The purchase price was $2,036,000.

  • Jan. 6 committee: Trump rushed to withdraw troops from Afghanistan knowing he'd lost election

    At the latest House Jan. 6 committee hearing, Rep. Adam Kinzinger presented testimony that then-President Donald Trump knew he'd lost the 2020 election and "rushed to complete unfinished business," including a hurried attempt to withdraw troops from Afghanistan and Somalia -- which his own Joint Chiefs chairman called "militarily not feasible, nor wise." Watch that portion of the hearing.

  • Indiana woman gets 115 years for poisoning man's oatmeal and strangling him with his favorite tie

    An Indiana woman who plotted to kill a man by poisoning his oatmeal with fentanyl and who strangled him, was sentenced to 115 years in prison, officials said.

  • Qatari Broadcaster BeIn Draws Interest From Saudis and US, Sources Say

    (Bloomberg) -- BeIn Media Group, the Qatari broadcaster, has attracted interest from potential partners including Saudi Arabian and US investors, according to people familiar with the matter.Most Read from BloombergStocks Surge in Wild Ride After CPI Data Selloff: Markets WrapWorld Faces New Threats From Fast-Mutating Omicron VariantsCore US Inflation Rises to 40-Year High, Securing Big Fed HikeKroger Wants to Merge With Albertsons to Create US Grocery GiantIntel Is Planning Thousands of Job Cut

  • China Stocks Jump Before Party Congress, Aiding Big Asia Rally

    (Bloomberg) -- Asian equities were poised to snap a five-day losing run, tracking a rally in US peers, with investors looking to China’s twice-a-decade Party Congress for policies to help revive its economy and markets.Most Read from BloombergStocks Surge in Wild Ride After CPI Data Selloff: Markets WrapWorld Faces New Threats From Fast-Mutating Omicron VariantsCore US Inflation Rises to 40-Year High, Securing Big Fed HikeKroger Wants to Merge With Albertsons to Create US Grocery GiantIntel Is P

  • Royal Mail warns of 5,000-6,000 job cuts as union dispute intensifies

    The Communication and Workers Union (CWU), representing 115,000 Royal Mail postal workers, have held strikes in September and early October, and have threatened more strikes this month and next. "Royal Mail urges CWU to immediately call off planned strike action and embrace our offer of Acas talks to urgently find a resolution to the current dispute," parent company International Distributions Services said on Friday. Royal Mail's proposals last month to take the pay dispute to arbitration and change its policies following months of failed negotiations had angered the CWU.

  • FBI paid Igor Danchenko more than $200,000 to serve as confidential human source

    The FBI paid Russian national Igor Danchenko more than $200,000 to serve as a confidential human source from 2017 to late 2020.

  • Trump Threatened to Out Confidential Sources From Russia Investigation

    The former president is still itching to compromise the intelligence sources he blames for the investigation into Russia’s role in the 2016 campaign

  • James Tupper scolded by judge in court amid estate battle with Anne Heche's son

    "Why are you shaking your head? It's very disrespectful."

  • Russian draft-dodgers find little welcome, uncertain future in Georgia

    With Putin's invasion of their country still fresh in Georgian minds, it's little wonder young Russians dodging the bloodbath in Ukraine are viewed with suspicion.

  • China Oil Demand in Limbo as Virus Saps Travel Before Party Congress

    (Bloomberg) -- China’s appetite for overseas oil is yet to make a meaningful recovery as anxiety over virus lockdowns keeps travel subdued, overshadowing an increase in fuel export quotas aimed at supporting economic growth. Most Read from BloombergStocks Surge in Wild Ride After CPI Data Selloff: Markets WrapWorld Faces New Threats From Fast-Mutating Omicron VariantsCore US Inflation Rises to 40-Year High, Securing Big Fed HikeKroger Wants to Merge With Albertsons to Create US Grocery GiantInte

  • Kim Kardashian Was Surprised by the Backlash to Her Comments About Women in Business

    “I hated that that got misunderstood.”