Shopify, a leading eCommerce platform reveals an incident where two “rogue” employees stole data from fewer than 200 merchants in a breach that might have exposed customer emails, names, and order information.
Probably, no payment card numbers and other billing information was exposed. It’s important to mention that in a security sense, it’s not a ‘breach’, but more an internal leak. Now, it depends on what kind of 200 customers were leaked – if those are the top 200 Shopify merchants, it could be serious and devastating to those businesses.
Shopify terminated the employees and is working with the FBI and international agencies investigating the breach.
Our investigation determined that two rogue members of our support team were engaged in a scheme to obtain customer transactional records of certain merchants. We immediately terminated these individuals’ access to our Shopify network and referred the incident to law enforcement. We are currently working with the FBI and other international agencies in their investigation of these criminal acts. While we do not have evidence of the data being utilized, we are in the early stages of the investigation and will be updating affected merchants as relevant.
Shopify is one of the leading eCommerce platforms these days, and was a highly recommended platform to start an online store with, together with WooCommerce. Let’s see what the investigation will find.