In the Press
October 14, 2022

Fast Fashion Retailer Fined $1.9 Million in New York (Global Data Review)

A fast fashion retailer has agreed to pay $1.9 million to New York prosecutors in fines and costs for failing to properly handle a data breach that compromised customer personal data. Data, Privacy & Cybersecurity partner Jud Welle told Global Data Review that companies should communicate data breach findings only after careful and rigorous investigations. “While it is natural to want to reassure customers and investors in the wake of a cyber incident, if a company paints a rosy picture before all the facts are in, it risks being seen by regulators as misleading or, even worse, covering up matters.” Welle noted that the prosecutors had concluded that the company’s security controls were outdated. “The lesson here is that if you stand still on cybersecurity, you quickly fall behind the pack and may become a target for regulatory action.”