Shopify transaction data stolen by rogue support staff

No primary category set

Shopify are the latest big ecommerce name to have a security breach. Following eBay (rogue security staff) and Amazon (bribing employees), Shopify have discovered that two rogue members of their support team were engaged in a scheme to obtain Shopify transaction data of certain merchants.

Less than 200 merchants were effected and Shopify immediately launched an investigation to identify the issue and impact so they could take action and notify the affected merchants. Naturally they terminated these rogue support team members’ access to the Shopify network and referred the incident to law enforcement.

“We are currently working with the FBI and other international agencies in their investigation of these criminal acts. While we do not have evidence of the data being utilized, we are in the early stages of the investigation and will be updating affected merchants as relevant.”
– Shopify

With over a million merchants using their platform, this is in reality a tiny security breach, although nonetheless concerning for those who’s Shopify transaction data was compromised. This incident was not the result of a technical vulnerability on Shopify and the vast majority of merchants using Shopify are not affected. If you’ve not heard anything from Shopify then it’s likely you are one of the almost 1 million merchants who were unaffected

The stolen Shopify transaction data includes basic contact information, such as email, name, and address, as well as order details, like products and services purchased. Complete payment card numbers or other sensitive personal or financial information were not part of this incident. It looks very much like targeted data to inform give a competitive advantage to the recipients of the data.

“Our teams have been in close communication with affected merchants to help them navigate this issue and address any of their concerns. We don’t take these events lightly at Shopify. We have zero tolerance for platform abuse and will take action to preserve the confidence of our community and the integrity of our product.

To put it simply, we are committed to protecting our platform, our merchants, and their customers. We will continue to work hard to earn your trust every day.”
– Shopify

RELATED POSTS..

Two-thirds think AI will make brand/product discovery easier

Two-thirds think AI will make brand/product discovery easier

WPP and Shopify partnership to help retailers rapidly scale

WPP and Shopify partnership to help retailers rapidly scale

Shopify POS Go launches in the UK & IE

Shopify POS Go launches in the UK & IE

TikTok European User Data Security update

TikTok European User Data Security update

New Amazon Buy with Prime on Shopify Stores

New Amazon Buy with Prime on Shopify Stores

ChannelX Guide...

Featured in this article from the ChannelX Guide – companies that can help you grow and manage your business.

Latest

Take a look through a selection of the latest articles on ChannelX

Register for Newsletter

Receive 5 newsletters per week

Gain access to all research

Be notified of upcoming events and webinars