E-commerce platform Shopify denies it suffered a data breach after a risk actor started promoting buyer knowledge they declare was stolen from the corporate’s community.
“Shopify techniques haven’t skilled a security incident,” Shopify informed BleepingComputer.
“The information loss reported was attributable to a third-party app. The app developer intends to inform affected clients.”
This assertion comes after a risk actor referred to as ‘888’ started promoting knowledge earlier this week that they declare was stolen from Shopify in 2024.
Supply: BleepingComputer
The risk actor shared knowledge samples that embrace an individual’s Shopify ID, first identify, final identify, electronic mail, cellular quantity, order rely, whole spent, electronic mail subscription, electronic mail subscription date, SMS subscription, and SMS subscription date.
Shopify didn’t reply to additional requests for extra details about the app from which this buyer’s knowledge was stolen.
The risk actor, 888, has beforehand offered or leaked knowledge allegedly linked to Credit score Suisse, Shell, Heineken, Accenture India, and Unicef.
In 2020, Shopify disclosed that two “rogue members” of its help group accessed the buyer transactional information of about 200 retailers.
