Representatives of the Shopify e-commerce platform allowing users to create their own online stores, reportedthat is currently investigating the conduct of two customer support personnel with the FBI who attempted to gain access to customer transaction details at approximately 200 online stores.
Insiders were known to have access to basic contact information of users (including email address, name and postal address), as well as order details (including data on purchased products and services). Payment card numbers or other confidential and financial information of users was not affected, as employees did not have access to it.
The company emphasizes that the incident was not due to any vulnerability in the platform, but only due to the fault of dishonest employees. These people no longer have access to the Shopify network and company tools. While the investigation into the incident is at an early stage, but Shopify promises to notify the affected store owners and their users if necessary. So far, there is no evidence that the employees managed to somehow use the stolen information.