A recent cyber threat actor known as ‘888’ has reportedly shared data believed to be stolen from Shopify in a data breach incident. The data allegedly includes personal details, email subscriptions, and order-related information of Shopify users, raising concerns about the security of the popular e-commerce platform. Shopify, a multinational corporation based in Canada, offers an e-commerce platform that enables individuals and businesses to create and manage online stores and retail websites.
The data breach in question is said to involve 179,873 rows of user information, including Shopify ID, First Name, Last Name, Email, Mobile, Orders Count, Total spent, Email subscriptions, Email subscription dates, SMS subscription, and SMS subscription dates. While the authenticity of these claims has not been verified, the threat actor behind them is well-known in the BreachForums community and is referred to as ‘Kingpin,’ indicating a high level of credibility within the cybercrime world. The breach is suspected to have originated from a recent data breach affecting Evolve Bank and Trust, a key partner of Shopify Balance and a provider of Affirm debit cards.
Evolve Bank and Trust recently confirmed a cybersecurity incident linked to LockBit, where sensitive personal information such as names, social security numbers, dates of birth, and account details were compromised. This breach not only affected Evolve Bank customers but also financial technology partners, including Affirm Holdings, which acknowledged being impacted by the incident. Affirm assured affected consumers that they were actively investigating the matter and would provide updates as more information became available.
As cybersecurity incidents continue to plague organizations and individuals, the importance of robust security measures and proactive response strategies cannot be overstated. Data breaches not only compromise personal information but also erode trust in the affected companies and their services. Users are advised to stay informed about such incidents and take necessary precautions to safeguard their data and privacy.
In conclusion, the alleged data breach involving Shopify and Evolve Bank and Trust underscores the ongoing challenges posed by cyber threats and the critical need for heightened cybersecurity measures. Companies must prioritize the protection of user data and swiftly respond to any security incidents to prevent further risks and damages. As the cybersecurity landscape evolves, vigilance and collaboration are key to mitigating cyber risks and maintaining a secure online environment for all stakeholders.