Asian fast fashion retailer Shein has drawn significant attention with its rapid growth and plans to expand into the U.S. supply chain market. According to a recent report by CNBC, the move has raised concerns among U.S. cybersecurity experts, who warn of potential risks due to the company’s close ties to China.
Shein is beta-testing its logistics software with select customers, which would improve efficiency through interconnected application programming interfaces (APIs). However, the integration of these APIs often lacks strong cybersecurity measures, making them vulnerable.
Shein’s network includes over 50,000 entities, according to supply chain intelligence firm Exiger. This large amount of entities heightens the risk of data exposure.
“Given the intricate nature of the U.S. and global supply chains, the potential for espionage or data gathering is a significant risk,” Dewardric McNeal of Longview Global told CNBC. “Shein’s software could provide unprecedented access to sensitive supply chain data, which the Chinese government could seize under its laws. This exposure poses a direct threat to U.S. supply chain integrity, making it vulnerable to exploitation and manipulation.”
Despite moving its headquarters to Singapore, Shein’s operations and data storage practices continue to raise red flags. Shein claims to comply with international information security standards, but whether these claims are true or not remains unclear. To address national security concerns, Shein stores U.S. customer data on U.S.-based cloud services, while its supplier data remains in China. This setup still poses risks, according to cybersecurity experts.
The push to establish Shein as a logistics provider is seen as part of a broader economic strategy by China. Ram Ben Tzion of Publican suggested that Shein’s expansion aims to counteract the tightening of U.S. outsourcing regulations. Additionally, Shein faces legal challenges related to forced labor allegations as well as a crackdown from U.S. customs over concerns about contraband entering the country.
Shein’s planned U.S. IPO has encountered political and regulatory hurdles, and past data breaches have eroded trust in its cybersecurity practices. As Shein expands into the U.S. market, balancing technological advancements with stringent cybersecurity measures and ethical practices will be crucial to mitigating risks to supply chain integrity and data security.
https://www.supplychain247.com/article/shein-united-states-expansion-cybersecurity-concerns