Shopify has seen customer data stolen by “rogue” employees, the e-commerce provider announced.
Two members of Shopify’s support team were engaged in a scheme to obtain customer transactional records of certain merchants – less than 200, according to Shopify.
Once the business became aware of the scheme the team members’ access was immediately terminated, and an international investigation began with the assistance of the FBI and other agencies that will seek to find if, when, and where the data was used – if at all.
“This incident was not the result of a technical vulnerability in our platform, and the vast majority of merchants using Shopify are not affected. However, those whose stores were illegitimately accessed may have had customer data exposed,” Shopify said in a statement.
“This data includes basic contact information, such as email, name, and address, as well as order details, like products and services purchased. Complete payment card numbers or other sensitive personal or financial information were not part of this incident.”
Shopfiy added that it has zero tolerance for platform abuse, and will take the necessary action.
“To put it simply, we are committed to protecting our platform, our merchants, and their customers and will continue to work hard to earn your trust every day,” Shopify said.