A known threat actor on BreachForums using the alias ‘888’ has allegedly leaked data stolen from Shopify in a recent data breach. The exposed data reportedly includes personal details, email subscriptions, and order-related information of Shopify users.

Shopify Inc., a Canada-based multinational company, offers a proprietary e-commerce platform that enables individuals, retailers, and businesses to set up their online stores or retail point-of-sale websites.

The breach claims to involve 179,873 rows of user information, including Shopify ID, First Name, Last Name, Email, Mobile, Orders Count, Total Spent, Email Subscriptions, Email Subscription Dates, SMS Subscription, and SMS Subscription Dates.

via GIPHY

While The Cyber Express could not independently verify the authenticity of these claims, the threat actor ‘888’ is a high-ranking member of BreachForums, known as ‘Kingpin.’ This breach may be linked to a recent data breach at Evolve Bank and Trust, a partner of Shopify Balance.

In late June, Evolve Bank and Trust confirmed a cybersecurity incident claimed by LockBit. The stolen data included sensitive personal information such as names, Social Security Numbers (SSNs), dates of birth, and account details.

Evolve Bank stated, “Evolve is currently investigating a cybersecurity incident involving a known cybercriminal organization that appears to have illegally obtained and released on the dark web the data and personal information of some Evolve retail bank customers and financial technology partners’ customers (end users).”

🚨 Shopify Data Breach 🚨

A member of BreachForums has posted about a significant data breach involving Shopify. The compromised data includes 179,873 rows of user information such as Shopify IDs, full names, emails, mobile numbers, order counts, email subscriptions, etc.… pic.twitter.com/HaGlz1i3jL

— FalconFeeds.io (@FalconFeedsio) July 3, 2024

Following this, Affirm Holdings confirmed its involvement in the Evolve Bank breach, acknowledging, “Affirm is aware of a cybersecurity incident involving Evolve, a third-party vendor that serves as an issuing partner on the Affirm Card. We are actively investigating the issue. We will communicate directly with any impacted consumers as we learn more.”

This incident highlights the cascading risks of interconnected systems in the digital economy, emphasizing the need for robust cybersecurity measures across all partners.

Abdul Rehman

Abdul is a tech-savvy, coffee-fueled, and creatively driven marketer who loves keeping up with the latest software updates and tech gadgets. He’s also a skilled technical writer who can explain complex concepts simply for a broad audience. Abdul enjoys sharing his knowledge of the Cloud industry through user manuals, documentation, and blog posts.

Thankyou for Subscribing Us!