News and Updates on Information Technology

Canada – Shopify

Exploit: Malicious Insider
Shopify: e -Commerce Platform

Risk to Small Business: 2.314 = Severe

The data of customers for an estimated 200 merchants on Shopify was exposed in an insider incident at the e-commerce giant. Two employees who were working a scheme to steal transaction data are to blame. The data exposed includes client details like email, name, and street address, as well as order details, but does not involve complete payment card numbers or financial information. The company hosts over one million businesses across more than 175 countries on its platform.

Individual Risk: 2.603 = Moderate

The rogue staffers were only able to expose a small amount of information from a few businesses. Merchants on the platform are being informed by Shopify as the investigation continues. Users who think they may be at risk should be alert for spear phishing attempts.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: The economy in the rest of the world may be challenged, but the Dark Web data markets are thriving, and staffers who need a little extra cash can be tempted to expose company data, sell their logins, or dip their feet into the cybercrime as-a-service market.

Source:
https://www.reuters.com/article/us-shopify-cyber/shopify-says-customer-data-likely-exposed-as-employees-accessed-records-idUSKCN26D36J