December 30, 2020 – ROMWE recently discovered customer usernames and passwords on the “dark web.” In an abundance of caution, we have taken steps to notify all potentially affected individuals and to provide resources to assist them.

On September 7, 2020, we discovered that some ROMWE customers’ usernames and passwords found on the dark web may have been stolen from our computer network in July 2018, as determined by internal and external forensic investigations. These usernames and passwords, if used, could have provided access to some ROMWE customers’ account information, including name, email, and phone number, or other optional information customers may have stored. If a customer stored credit card information in their account, it remains secure since ROMWE does not keep customers’ full credit card information.

Over the past several years, ROMWE has continued to improve its security protections as part of its regular security program activities, including by increasing password encryption and using more advanced intrusion detection technologies. For the present matter, we have also forced password resets for all potentially affected customers.

We have emailed notice to customers potentially impacted by this incident which includes information about the incident and steps individuals can take to monitor and protect their personal information. If you created your account after July 14, 2018, then we believe your account was not impacted. In addition to the email datasecurity@romwe.com , we have also established a toll-free call center to answer questions about the incident and related concerns. The call center is available Monday through Friday from 7am to 7pm Pacific and can be reached at 1-877-218-7105. In addition, out of an abundance of caution, we are offering dark web monitoring to potentially affected customers at no cost through ID Experts. Instructions on how to sign-up is included in the email notice sent on or about December 30, 2020 to customers who were potentially impacted.

We take the protection of our customers’ information seriously and sincerely apologize for any inconvenience this incident may cause.

To read “Frequently Asked Questions,” please visit here .

You can obtain a copy of your credit report, free of charge, directly from each of the three nationwide credit reporting agencies. To order your credit report, free of charge once every 12 months, please visit www.annualcreditreport.com or call toll free at 1-877-322-8228. Contact information for the three nationwide credit reporting agencies is included in the e-mail received by affected customers and is also listed at the bottom of this page.

You may consider placing a fraud alert on your credit report. This fraud alert statement informs creditors as to possible fraudulent activity within your report and requests that your creditor contact you prior to establishing any accounts in your name. To place a fraud alert on your credit report, contact Equifax, Experian or TransUnion and follow the Fraud Victims instructions. To place a fraud alert on your credit accounts, contact your financial institution or credit provider. Contact information for the three nationwide credit reporting agencies is included in the letter and is also listed at the bottom of this page.