Latest news with #customerprivacy
The Independent
26-05-2025
- Business
- The Independent
Zara shopper says store employee barged into fitting room and shoved his hand down his pants: lawsuit
A New York City man trying on clothes at Zara was stunned to find a store clerk watching him disrobe in the fitting room, after which the employee repeatedly grabbed at the shopper's private parts 'all under the false pretense of assisting with garment fit,' according to an eye-popping lawsuit obtained by The Independent. In what the suit describes as an 'act of forcible compulsion,' the retail worker – who is not named as a defendant in the case – allegedly barged in on the shopper, 'pushed his hand inside [the man's] underwear, and seized, held, and pulled [his] genitals.' It says the 'appalling and invasive assault was committed with complete disregard for [the shopper's] autonomy and was captured on video,' providing 'irrefutable evidence of [the employee's] brazen and predatory conduct.' The alleged incident took place at one of the fast-fashion chain's Midtown Manhattan locations, according to accuser 'John Doe,' who brought the suit anonymously. A few months later, the same employee was accused of similar behavior towards another customer, but was let off with a mere verbal warning, the lawsuit maintains. Doe's attorney, Thomas Andrykovitz, told The Independent that the situation represents 'an appalling violation of customer safety and trust.' 'Our client was sexually assaulted by a Zara employee inside a fitting room, which is an area that should offer privacy, not peril,' Andrykovitz said. 'No customer should have to fear being preyed upon while shopping for clothes. We filed this case to hold Zara accountable and to help ensure no other customer is victimized or put at risk in one of its stores.' A Zara spokesperson did not respond to requests for comment on Monday, a U.S. holiday. Zara, a massively popular apparel and home decor retailer owned by Inditex, a Spanish conglomerate, operates more than 2,200 stores worldwide, 99 of them in the United States. In March, as Inditex reported slowing growth during the first part of 2025, it also announced Zara had posted 2024 sales of more than $30 billion, a 6.6 percent increase year-over-year, making it the top performer in its parent company's portfolio of brands. On January 18, 2024, Doe was shopping for shorts and shirts at a Zara store on Fifth Avenue and 42 Street, and selected several items to try on, according to his complaint. Doe brought them up to a fitting room on the second floor, where the employee in question was working by himself, the complaint says. 'Rather than instructing [Doe] to use any available changing stall, as is standard practice in most retail clothing stores, [the Zara employee] insisted that [Doe] use a specific changing stall,' the complaint states. 'This deviation from common procedure was unusual and suspicious, particularly given that other stalls were unoccupied and accessible at the time.' Nevertheless, Doe did as he was told and began to undress 'in the privacy of the closed changing stall,' the complaint continues. However, while Doe was taking off his clothes, the store employee 'repeatedly and abruptly pulled back the curtain without permission, brazenly staring at [Doe] during various stages of undress,' the complaint alleges. It says the Zara employee 'attempted to mask this gross invasion of privacy by pretending to inquire about the fit of the garments [Doe] had selected – as if such a question could possibly justify his unwelcome and outrageous intrusions into a space specifically designed for personal privacy.' Each time the employee opened the curtain, Doe would immediately close it again 'in an effort to reestablish his privacy,' according to the complaint. But, it contends, the employee kept coming back for more, each time 'with increasing boldness.' Soon, the employee physically entered the fitting room and 'plac[ed] his bare hands on [Doe's] body, all under the false pretense of assisting with garment fit,' the complaint states, calling his behavior 'a flagrant violation of [Doe's] bodily autonomy and the sanctity of the private space Zara purported to provide for its customers.' Doe 'expressly resisted' the alleged advances by the Zara employee, and demanded he stop touching him, again shutting the curtain to try and 'reclaim his privacy,' the complaint alleges. Regardless, it says, the employee ignored Doe's 'clear and repeated objections, [and] continued to return to the private changing stall.' Then, in what the complaint calls a 'shocking escalation,' it says the Zara employee 'inserted his fingers into the waistband of [Doe's] pants and underwear, snaking his hand toward [Doe's] penis.' In a state of shock, Doe took out his phone and began recording what was happening, '[i]n a desperate attempt to protect himself and document the ongoing sexual abuse,' according to the complaint. Yet, at this point, the employee – 'motivated solely by his own sexual gratification' – shoved his hand down Doe's underpants and gripped his genitalia, the complaint says. Doe became 'overwhelmed with disbelief as the assault unfolded,' and could barely comprehend what was happening, the complaint asserts. 'Fearing for his safety and unable to rely on Zara's safeguards,' the complaint says Doe 'remained in the stall until he could safely escape the fitting room – still reeling from the shock of the forced sexual contact and the betrayal of trust by a store employee in a space meant to offer privacy and protection.' The 'grotesque act' constituted 'a profound violation' of Doe's personal dignity, according to the complaint. Five months later, another Zara customer reported that Doe's alleged attacker had also opened the curtain to their fitting room without permission, the complaint states. But, the complaint alleges, Zara responded 'with nothing more than a verbal warning, failing to take meaningful corrective action or protect future customers from further harm.' Zara fitting rooms have been at the center of controversy before. Earlier this year, an Irish woman sued and won some $20,000 after a security guard at a Zara store in Dublin pulled back the curtain to her changing room and peeked in while the shopper was 'half-dressed.' In 2022, Zara apologized to a trans woman in the Philippines after a store employee allegedly refused to allow her into the women's dressing room. And in early 2020, a brawl between a customer and a Zara employee over the number of items allowed into a fitting room at one time landed both of them, as well as a 61-year-old bystander who tried to intervene, in the hospital. Doe's complaint says Zara should have been aware of the store employee's "dangerous propensities," but failed to take "adequate precautions" to prevent his alleged misconduct. It further calls Zara out for allowing its fitting rooms to be "exploited by sexual predators as a hunting ground." Doe, who claims to have suffered severe emotional trauma, including depression, anxiety, and post-traumatic stress, accuses Zara of negligence, assault, battery, intentional infliction of emotional distress, negligent hiring, and violations of the New York City Human Rights Law. He is seeking compensatory and punitive damages, as well as attorneys' fees and court costs, to be determined by a jury.
BBC News
23-05-2025
- Business
- BBC News
OxBykes customer data leak treated with 'utmost urgency'
A bicycle rental company that accidentally made customer data available on its mobile app has said it is treating the matter "with the utmost urgency". A user of OxBykes, which operates its own fleet of bicycles for rental and sale in Oxford, Cambridge and London, said they had accidently been granted administrative level access to its database on 13 shown to the BBC by the customer - who asked to remain anonymous - display confidential data including names, contact details and order said the security flaw had been resolved and that potentially affected customers would be contacted. OxBykes has 25 depots across Oxford, 14 in Cambridge and three in London. It makes bicycles available for collection instantly after user said they had come across the glitch while trying to contact the support team after struggling to find a bike they had said the data was found via a button on the mobile app and "was accessible throughout the past week".The customer added that they received a personal WhatsApp message from OxBykes founder Louis Wright on Sunday, explaining the error and requesting that they did not release any confidential CEO Tom Widgery replied to BBC's request for comment on Wednesday. He said the company was "made aware today that a very limited selection of customer data from a small number of customers may have been accessed as a result of a previously resolved vulnerability"."We are treating this matter with the utmost urgency and are currently speaking to our lawyers to understand the full implications of the situation," he said."We have already taken steps to patch the security flaw and are working to understand the extent of any data exposure. "We are also reporting the incident to the Information Commissioner's Office and are preparing to contact any potentially affected customers directly." You can follow BBC Oxfordshire on Facebook, X (Twitter), or Instagram.
Daily Mail
13-05-2025
- Business
- Daily Mail
BREAKING NEWS Marks & Spencer issue major update in wake of cyber attack that has crippled high street giant
Marks & Spencer has issued a major update in the wake of the cyber attack that crippled the high street giant. The retailer, which was left reeling from the hack, has today warned contact details and dates of births from some customers have been stolen. And M&S said other details were pilfered by cyber crooks, including customers' order histories. However, bosses at the retailer have insisted that no data relating to shoppers payment or card details, or account passwords, had been taken. It's unclear how many shoppers have been affected by the data breach. Stuart Machin, M&S chief executive, said the firm was writing to customers to inform them that 'unfortunately, some personal customer information has been taken'. 'Importantly, there is not evidence that the information has been shared,' he added.
The Independent
13-05-2025
- Business
- The Independent
Marks & Spencer reveals customer data taken by hackers after cyber attack
Retail giant Marks & Spencer has revealed that customer personal data has been taken by hackers after being hit by a damaging cyber attack. Chief executive Stuart Machin said the data had been accessed due to the 'sophisticated nature of the incident', but stressed this does not include payment or card details, or account passwords. He has written to shoppers to alert them over the data breach, but said there is 'no need for customers to take any action'. The high street chain did not say how many customers had been affected. In a social media post, Mr Machin said: 'We have written to customers today to let them know that unfortunately, some personal customer information has been taken. 'Importantly there is no evidence that the information has been shared and it does not include useable card or payment details, or account passwords, so there is no need for customers to take any action. 'To give customers extra peace of mind, they will be prompted to reset their password the next time they visit or log on to their M&S account and we have shared information on how to stay safe online.' The group has not been able to take any orders through its website or app since April 25 as it tries to resolve the problem. The incident first caused problems for the retailer's contactless payments and click and collect orders, while it has also impacted some availability in stores. A hacking group operating under the name Scattered Spider has been linked to the attack, according to reports.
