Shopify has confirmed a data breach, in which two 'rogue members' of its support team were engaged in a scheme to steal customer data from at least 100 merchants.
Shopify became aware of an incident involving the data of less than 200 merchants. The company launched an investigation to identify the issue and its impact, in order to take action and notify the affected merchants.
The investigation determined that two rogue members of Shopify's support team were engaged in a scheme to obtain customer data of certain merchants. The company terminated these individuals’ access to its network and referred the incident to law enforcement. Shopify is currently working with the FBI and other international agencies in their investigation of these criminal acts.
According to Shopify, the incident was not the result of a technical vulnerability in their platform, and the vast majority of merchants using the commerce platform are not affected. However, those whose stores were illegitimately accessed may have had customer data exposed. This data includes basic contact information, such as email, name, and address, as well as order details, like products and services purchased. Complete payment card numbers or other sensitive personal or financial information were not part of this incident.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now
We welcome comments that add value to the discussion. We attempt to block comments that use offensive language or appear to be spam, and our editors frequently review the comments to ensure they are appropriate. If you see a comment that you believe is inappropriate to the discussion, you can bring it to our attention by using the report abuse links. As the comments are written and submitted by visitors of the Telecompaper website, they in no way represent the opinion of Telecompaper.