Bondi Reaches Settlement With Zappos Over Data Breach

TALLAHASSEE, FLORIDA —Attorney General Pam Bondi, along with eight other attorneys general, today announced a settlement with Nevada-based online retailer Zappos.com, Inc.

The settlement resolves allegations that Zappos placed consumers’ personal data at risk by allegedly failing to protect financial information during a data breach that occurred in 2012. Zappos has agreed to pay $106,000 to the states and must take certain actions intended to better protect consumers’ information.

Under the terms of the settlement, Zappos is required to:

• Maintain and comply with its information security policies and procedures;
• Provide the attorney generals with its current security policy;
• Provide the attorney generals copies of reports demonstrating compliance with the Payment Card Industry Data Security Standard for two years;
• Have a third party conduct an audit of its security of personal information; and
• Provide relevant training to employees.

The other states participating in the investigation include: Arizona, Connecticut, Kentucky, Maryland, Massachusetts, North Carolina, Ohio, and Pennsylvania.

Similar Stories