Fast fashion has been a hit with online shoppers lately. It is due to the fact that there is a wide array of selections to choose from, and it is significantly cheaper than other well-known brands. Companies like SHEIN and ROMWE, in particular, are climbing the fashion store ladder worldwide.
However, it seems that these fashion store apps aren't as secure as one might hope. Zoetop, the company that owns SHEIN and ROMWE, has been given a $1.9 million penalty for several counts of data breaches of their users' accounts.
How Bad Is It?
The data breach that Zoetop has been accused of extends to its users' personal information like credit card details, names, emails, and hashed passwords, according to The Verge. Around 46 million accounts were affected by this breach- 39 million of which are SHEIN accounts, and more than 800,000 of those belong to online shoppers from New York.
The allegations were based on a hack in 2018, which the Office of the Attorney General (OAG) has been investigating. According to their office, 32.5 million accounts were not alerted of the data breach. Zoetop has only alerted a few accounts and even then, they failed to reset the passwords of the select accounts.
The company was also accused of denying the hack, claiming that there is no evidence of credit card information being stolen. In addition to that, they only notified customers of the breach after two years, when it appeared that the accounts were being accessed on the dark web.
Their tactics for damage control included informing its users that their passwords had simply expired after a year of not being changed and masking the breach by downplaying and calling it "suspicious activity," asking for customer verification.
In terms of financial troubles for the company, $1.9 million is barely a dent in its revenue. SHEIN alone is already valued at $100 billion.
As mentioned in thefashionlaw.com, the OAG accused Zoetop of failure to maintain security measures. Among these measures were password management, protection of sensitive customer information, monitoring of vulnerabilities, and incident response addressing the cyberattack.
Read also: Cybersecurity Awareness Month: 5 Practical Steps You Can Take to Secure Your Social Media Accounts
It Does Not Stop There
Zoetop's SHEIN has not been a stranger to controversy. According to fashionmagazine.com, the fast fashion company has also been accused of stealing designs from independent creatives. It is rather perplexing how they manage to release around 500 to 2,000 designs per week.
There has also been some speculation that the company has also been using child labor in production. This could be in line with the fact that their products are unbelievably cheap, wherein dresses can cost only $4.
Sixth Tone traveled to Guangzhou, which is SHEIN's main production base in China, and spoke with workers, factory bosses, and workshop owners. They found that the conditions were poor and troubling, all so they could produce clothes quicker and cheaper than their competitors.
These four instances are only the tip of the iceberg when it comes to the questionable methods of the fast-growing fashion retailer.