Shopify Says Two ‘Rogue’ Employees Engaged in Data Breach to Obtain Customer Records


OTTAWA – Shopify Inc. is working with the FBI after two “rogue members” of its support team engaged in a scheme to illegally obtain transaction records from customers of certain merchants. The Ottawa-based tech company said it had terminated employee access to its network and referred the data breach to law enforcement.

Shopify says it has no evidence at this stage of the investigation that the data was used.

It says fewer than 200 merchants whose stores have been illegally accessed are at risk of having their customer data exposed. This data includes basic contact information, such as email address, name and address, as well as order details, such as products and services purchased.

Full payment card numbers or other sensitive personal or financial information was not affected.

Shopify, which is Canada’s most valuable company, says the incident was not the result of a technical vulnerability in its platform, and stressed that the vast majority of its customers are not affected.


Please enter your comment!
Please enter your name here