Back to Data Breach

Data Breach

Shopify data leak caused by an insider attack

On September 22, 2020, Canadian multinational e-commerce company Shopify Inc. posted a security incident notice on its website. It was brought to light that two employees were involved in illegitimately accessing records connected to some of its merchants. Customer data including email addresses, names, addresses, and order details from around 200 merchants are estimated to have been exposed in the incident.

In a statement, Shopify said, “We immediately terminated these individuals’ access to our network and referred the incident to law enforcement. We are currently working with the FBI and other international agencies in their investigation of these criminal acts.” At the moment, there is no evidence to suggest that the stolen data was used, but the firm has notified affected merchants of the incident.

Insider threats are emerging as one of the biggest security challenges facing organizations. ManageEngine ADAudit Plus utilizes user behavior analytics (UBA) to help IT security teams detect insider threat indicators such as multiple failed logons, anomalies in user activity like surge in file accesses, or privilege escalations. ADAudit Plus applies machine learning to create a baseline of normal activities specific to each user, and only notifies security personnel when there is a deviation from this norm.

Here’s how you can leverage user behavior analytics to instantly spot insider threats.

© 2022 Zoho Corporation Pvt. Ltd. All rights reserved.


Stay In The Know

Thank you

You will receive weekly cybersecurity news soon!

  • Please enter a business email id
    By clicking 'I'm Interested', you agree to processing of personal data according to the Privacy Policy.