Shopify Reveals Data Breach, Blames “Rouge” Employees

Caleb Townsend
Staff Writer United States Cybersecurity Magazine

Canadian e-commerce company Shopify has announced a data breach affecting less than 200 of their customers. In a blog post entitled “Incident Update,” Shopify reveals that the breach was caused by two rouge members of their support team. Apparently, they were conducting a scheme to rip off customers by grabbing their transaction records.

Shopify has responded to this insider threat by terminating both employees. They are currently working with the FBI and local police to investigate the issue further. “While we do not have evidence of the data being utilized,” the incident update states. “We are in the early stages of the investigation and will be updating affected merchants as relevant.”

The information affected in the breach includes names, postal addresses, emails, and item purchase details. However, complete credit card payment numbers and other financial information were not jeopardized.

Shopify concludes their blog post by confirming that they have been in close communication with all affected parties, a manageable task due to the unusually low amount of people implicated in the breach. “This incident was not the result of a technical vulnerability in our platform,” Shopify states. “We don’t take these events lightly at Shopify. We have zero tolerance for platform abuse and will take action to preserve the confidence of our community and the integrity of our product.”

Leave a Comment