Canada's online shop Shopify recently announced 200 merchant customer data might have stolen by two of their 'rogue' employees. No sensitive personal information or credit card details were included on the breach, but it may have accessed transaction records from the merchants themselves. Should you be alarmed?
Shopify breach alarm: What happened?
Hundreds of merchants selling items in one of the most popular shopping app Shopify were recently alarmed by the company over a data breach.
On Tuesday, Sept. 23, Shopify's blog post revealed two of their 'rogue' employees tried to access the store's database. It was said that the hackers might have exposed to the customers' data, including names, email and postal addresses, and order details.
Luckily, other more sensitive personal data such as financial information of credit card payments were not accessed by the two.
Shopify did not clarify when did the breach start. It was only quoted 'recently' by the store. Since it was also too early on the investigation, the e-commerce store did not explain how their employees had access to the database. Or if the data were used against the customers.
They also reiterated that "this incident was not the result of a technical vulnerability in our platform, and the vast majority of merchants using Shopify are not affected."
As of now, the two 'rogue' employees were fired from their positions as the investigation started.
"We don't take these events lightly at Shopify. We have zero-tolerance for platform abuse and will take action to preserve the confidence of our community and the integrity of our product," said on the blog post.
Should you be alarmed?
Nowadays, cybercrimes, including security breaches, are rampant in all kinds of businesses.
In this recent Shopify breach, the company said that the majority of Shopify customers should not be alarmed by the incident. They also talked with the merchants affected to address any other issues caused by the breach.
If you're still worried, though, you can do all the basic user-protection methods. This includes changing your passwords, checking your log-in details, or making sure you're accessing legitimate websites and pages.
This article is owned by Tech Times
Written by Jamie Pancho