Bondi Reaches Settlement With Zappos Over Data Breach

By  //  January 8, 2015

Share on Facebook Share on Twitter Share on LinkedIn Share on Delicious Digg This Stumble This

TALLAHASSEE, FLORIDA Attorney General Pam Bondi, along with eight other attorneys general, today announced a settlement with Nevada-based online retailer, Inc.

Pam Bondi
Pam Bondi

The settlement resolves allegations that Zappos placed consumers’ personal data at risk by allegedly failing to protect financial information during a data breach that occurred in 2012. Zappos has agreed to pay $106,000 to the states and must take certain actions intended to better protect consumers’ information.

Under the terms of the settlement, Zappos is required to:

    • Maintain and comply with its information security policies and procedures;
    • Provide the attorney generals with its current security policy;
    • Provide the attorney generals copies of reports demonstrating compliance with the Payment Card Industry Data Security Standard for two years;
    • Have a third party conduct an audit of its security of personal information; and
    • Provide relevant training to

The other states participating in the investigation include: Arizona, Connecticut, Kentucky, Maryland, Massachusetts, North Carolina, Ohio, and Pennsylvania.