Security News > 2020 > September > Shopify Discloses Insider Threat Incident
E-commerce platform provider Shopify on Tuesday said two members of its support staff were caught accessing customer information without authorization.
According to Shopify, the two employees used their permissions to access customer transactional records from some merchants.
The company says less than 200 merchants are impacted by the incident and they have all been notified.
The exposed merchant customer data included name, email address, physical address, and order details, but payment card or other financial information were not impacted.
The company pointed out that this insider threat incident did not involve exploitation of a vulnerability in its platform.
News URL
http://feedproxy.google.com/~r/Securityweek/~3/OA0Rub0dinQ/shopify-discloses-insider-threat-incident