Shopify has blamed two of its support team members for stealing customer data from less than 200 merchants.
The world’s leading e-commerce platform Shopify confirmed suffering a data breach. The company confirmed the breach in a blog post and revealed shocking details of who caused it.
The company claims that two ‘rogue members’ of its support staff were responsible for stealing customer data from at least 200 merchants. Both employees were immediately fired for conspiring against Shopify to “obtain customer transactional records of certain merchants.”
The incident should not come as a surprise as insider threat is nothing new yet one of the most dangerous ones due to the fact that it originates from within the organization. A few days ago it was reported that an ex-employee not only hacked Cisco’s AWS infrastructure and also erased virtual machines
Shopify, on the other hand, caters to over one million businesses worldwide, and naturally, the data breach has profoundly affected sellers and customers globally.
Although it hasn’t released any official statement regarding the incident, the company has clarified that the incident wasn’t a result of a technical glitch or security vulnerability.
“The vast majority of merchants using Shopify are not affected”, Shopify claimed in a blog post.
The rogue workers accessed transaction records, including names, emails, order details, and postal addresses. However, they couldn’t access financial data except ..