U.S. markets closed
  • S&P 500

    3,269.96
    -40.15 (-1.21%)
     
  • Dow 30

    26,501.60
    -157.51 (-0.59%)
     
  • Nasdaq

    10,911.59
    -274.00 (-2.45%)
     
  • Russell 2000

    1,538.48
    -23.10 (-1.48%)
     
  • Crude Oil

    35.72
    -0.45 (-1.24%)
     
  • Gold

    1,878.80
    +10.80 (+0.58%)
     
  • Silver

    23.72
    +0.35 (+1.52%)
     
  • EUR/USD

    1.1641
    -0.0037 (-0.31%)
     
  • 10-Yr Bond

    0.8600
    +0.0250 (+2.99%)
     
  • GBP/USD

    1.2953
    +0.0030 (+0.23%)
     
  • USD/JPY

    104.6350
    +0.0250 (+0.02%)
     
  • BTC-USD

    13,824.68
    +105.89 (+0.77%)
     
  • CMC Crypto 200

    265.42
    +1.78 (+0.68%)
     
  • FTSE 100

    5,577.27
    -4.48 (-0.08%)
     
  • Nikkei 225

    22,977.13
    -354.81 (-1.52%)
     

Shopify Working With Feds to Investigate Security Breach

Adriana Lee
·2 mins read

According to online retail platform Shopify, two employees pilfered customer data from more than 100 merchants, and now the company is working with authorities, including the Federal Bureau of Investigation, to investigate the matter.

In a statement, the Ottawa-based company said that it immediately cut off those employees’ access to the network and contacted law enforcement. Now the company is “currently working with the FBI and other international agencies in their investigation of these criminal acts,” it said, promising to keep affected retailers and their customers in the loop with any revelations.

More from WWD

Shopify explained that the security breach was not due to any sort of bug, backdoor or security hole in its technology, blaming instead the human activity of two “rogue” staffers. The clarification was likely made to set it apart from questions raised last year, when a security expert uncovered a glitch in Shopify software that could make revenue across thousands of stores vulnerable.

These bad actors attempted to grab customer transaction information, the company said. The effort apparently succeeded with at least some records accessed as recently as Sept. 15, according to e-mails sent by Shopify merchants to customers.

The company believes that fewer than 200 retailers were impacted by the incident, which may have compromised names, e-mail addresses, mailing addresses and purchase histories. But, Shopify noted, financial details like credit card, banking or other payment accounts were not part of the vulnerable data set.

Since its initial public offering in 2015, Shopify has become an e-commerce giant, a notable achievement in a roiling digital environment largely owned by Amazon.

The company’s core proposition to help merchants set up for online retail offered a compelling counterpoint to marketplace-driven scenarios. Demand for its subscription software and other digital tools has skyrocketed this year, as brick-and-mortar retailers flock to the Internet for sales, and it’s now considered the most valuable public Canadian company.

The platform includes more than a million merchants now, according to its latest earnings report.