• bitcoinBitcoin (BTC) $ 35,462.00 0.14%
  • ethereumEthereum (ETH) $ 2,430.16 0.1%
  • dogecoinDogecoin (DOGE) $ 0.138465 4.06%
  • daiDai (DAI) $ 1.00 0.06%
  • litecoinLitecoin (LTC) $ 108.66 1%
  • bitcoin-cashBitcoin Cash (BCH) $ 290.51 1.55%
  • stellarStellar (XLM) $ 0.194094 0.13%
  • moneroMonero (XMR) $ 150.59 1.06%
  • tezosTezos (XTZ) $ 2.91 1.44%
  • eosEOS (EOS) $ 2.21 1.41%
  • dashDash (DASH) $ 95.51 1.76%
  • ravencoinRavencoin (RVN) $ 0.063718 1.72%
  • qtumQtum (QTUM) $ 5.60 0.86%
  • bitcoin-goldBitcoin Gold (BTG) $ 28.89 2.2%
  • digibyteDigiByte (DGB) $ 0.020536 0.8%
  • augurAugur (REP) $ 12.54 1.69%
  • groestlcoinGroestlcoin (GRS) $ 0.549988 4.93%
  • zcoinFiro (FIRO) $ 3.40 2.98%
  • vertcoinVertcoin (VTC) $ 0.270226 6.04%
  • ufocoinUniform Fiscal Object (UFO) $ 0.003674 3.48%
  • smartcashSmartCash (SMART) $ 0.001589 4.21%
  • feathercoinFeathercoin (FTC) $ 0.007755 3.24%

“Rogue” Shopify Support Employees Steal Customer Data

Customer data, not including financial data, was stolen from fewer than 200 merchants according to the eCommerce giant Shopify.

Canada-based Shopify has remained ahead of the curve in all things e-Commerce since it’s launch in 2014. It’s ever-growing suite of tools has attracted more than one million businesses and garnered more than $4 billion in profit form the platform and catapulted Shopify to the top of the global e-Commerce world and making it a likely target for data hunters.

Despite it’s extremely pro-active role in platform security, nearly 200 Shopify merchants found themselves victims of a scheme by two support personnel to acquire customer data.

According to an incident update from Shopify:

Recently, Shopify became aware of an incident involving the data of less than 200 merchants. We immediately launched an investigation to identify the issue–and impact–so we could take action and notify the affected merchants.

Our investigation determined that two rogue members of our support team were engaged in a scheme to obtain customer transactional records of certain merchants. We immediately terminated these individuals’ access to our Shopify network and referred the incident to law enforcement. We are currently working with the FBI and other international agencies in their investigation of these criminal acts. While we do not have evidence of the data being utilized, we are in the early stages of the investigation and will be updating affected merchants as relevant.

This incident was not the result of a technical vulnerability in our platform, and the vast majority of merchants using Shopify are not affected. However, those whose stores were illegitimately accessed may have had customer data exposed. This data includes basic contact information, such as email, name, and address, as well as order details, like products and services purchased. Complete payment card numbers or other sensitive personal or financial information were not part of this incident.

Shopify operates a very active and transparent hacker-powered “bug bounty” program, marking its commitment to platform security for merchants, consumers, and partners.  Unfortunately, sometimes data breaches don’t come from outside.

Michelle Ray

Michelle Ray

Michelle Ray (@ragnarsmate) is a mom of 4, serial entrepreneur, co-founder of the civic engagement platform Clearvoter™, and 20 year veteran of the tech industry with a passion for free markets, innovation, and the ordered chaos the results from climbing out of the box to solve problems.
Share on facebook
Share on twitter
Share on pinterest
Share on reddit
Share on linkedin
Share on telegram
Share on whatsapp
Share on email