Home > Consumer Information > Privacy, Identity Theft and Data Security Breaches > Data Breach Notifications
Data Breach Notifications
Entity Information
- Type of Organization: Other Commercial
- Entity Name: Zoetop Business Co. Ltd.
- Street Address: Room 19-112, 21/F, 14 Taikoo Wan Road, Taikoo Shing
- City: Hong Kong
- State, or Country if outside the US: Hong Kong
- Zip Code: 60601
Submitted By
- Name: Kevin Scott
- Title: Shareholder
- Firm name (if different than entity): Greenberg Traurig, LLP (on behalf of our client, Zoetop Business Co., Ltd.)
- Telephone Number: 3124561040
- Email Address: scottkev@gtlaw.com
- Relationship to entity whose information was compromised: Legal Counsel
Breach Information
- Total number of persons affected (including residents): 7,341,382
- Total number of Maine residents affected: 26,294
- If the number of Maine residents exceeds 1,000, have the consumer reporting agencies been notified: Yes
- Date(s) Breach Occured: 07/14/2018
- Date Breach Discovered: 09/07/2020
- Description of the Breach:
- External system breach (hacking)
- Information Acquired - Name or other personal identifier in combination with:
Notification and Protection Services
- Type of Notification: Substitute Notice
- Date(s) of consumer notification: 12/30/2020
- Copy of notice to affected Maine residents: US Customer Notification - ROMWE.pdf
- Date of any previous (within 12 months) breach notifications:
- Were identity theft protection services offered: Yes
- If yes, please provide the duration, the provider of the service and a brief description of the service: Zoetop Business Co. Ltd., which operates the ecommerce website www.romwe.com (“ROMWE”), recently discovered customer usernames and passwords on the “dark web.” ROMWE has forced password resets for all potentially affected customers. We have emailed notice to customers potentially impacted by this incident which includes information about the incident and steps individuals can take to monitor and protect their personal information. We have also established a toll-free phone number and a dedicated website page to provide customers more information, in addition to publication of a media notice as part of substitute notice. If someone created a ROMWE account after July 14, 2018, then we believe the account was not impacted. We are also offering to potentially affected customers free identity theft protection services through ID Experts, the data breach and recovery services expert. IDX identity protection services include 12 months of CyberScan (dark web) monitoring, a $1,000,000 insurance reimbursement policy, and fully managed ID theft recovery services. With this protection, IDX will help any impacted customer resolve issues if their identity is compromised. We encouraged affected customers to contact IDX to enroll in free identity protection services by going to https://app.idx.us/account-creation/protect and using the Enrollment Code provided in their email notification (a copy of which is attached).
