E-commerce platform Shopify denies it suffered a knowledge breach after a risk actor started promoting buyer information they declare was stolen from the corporate’s community.
“Shopify techniques haven’t skilled a safety incident,” Shopify advised BleepingComputer.
“The information loss reported was brought on by a third-party app. The app developer intends to inform affected prospects.”
This assertion comes after a risk actor referred to as ‘888’ started promoting information earlier this week that they declare was stolen from Shopify in 2024.
Supply: BleepingComputer
The risk actor shared information samples that embody an individual’s Shopify ID, first title, final title, electronic mail, cell quantity, order depend, whole spent, electronic mail subscription, electronic mail subscription date, SMS subscription, and SMS subscription date.
Shopify didn’t reply to additional requests for extra details about the app from which this buyer’s information was stolen.
The risk actor, 888, has beforehand bought or leaked information allegedly linked to Credit score Suisse, Shell, Heineken, Accenture India, and Unicef.
In 2020, Shopify disclosed that two “rogue members” of its assist group accessed the buyer transactional data of about 200 retailers.