Incident Update

Highlighted
New Member
1 0 0

I know that Shopify staff are always aware of merchants. so, I want that Shopify staff would be taken action for affected merchants.

0 Likes
Highlighted
New Member
2 0 0

I agree with you. Shopify should take into account your concern and include it into the investigation and then determine officially if it was or was not breached. According to Kylie's website, the breach occurred from August 15th to September 15th. https://www.kyliecosmetics.com/pages/faqs

From Kylie's website. I would take it into consideration.

"SECURITY FAQ'S

  • What happened? 
    Kylie Cosmetics recently became aware of an information security incident suffered by our e-commerce vendor, Shopify. Although their investigation is ongoing, Shopify has shared that this incident involved two members of their customer support team that obtained transactional records related to certain merchants, including Kylie Cosmetics.

    Kylie Cosmetics is committed to protecting the security of our customers’ information and was deeply disappointed to learn that Shopify’s incident affected some of our customers. Upon learning of this incident Kylie Cosmetics promptly initiated an investigation into the incident and has communicated extensively with Shopify to learn more about what occurred. Shopify has informed us that it engaged an outside forensic investigation firm to assist them in investigating and remediating the situation and has reported the incident to the FBI and other international agencies and are working with law enforcement in their investigation of this incident.

    We recognize the importance of protecting the privacy and security of our guests’ information and we are continuing to work diligently with Shopify to get additional information about this incident and their investigation and response to this matter. 

  • When did this happen? 
    Based on the information we have received from Shopify, it appears that this incident occurred between August 15 and September 15, 2020."
0 Likes
Highlighted
New Member
2 0 0

@fraudvictim @jasmd25 and @Nem360 - Hello, I just wanted to ask, did the charges occur with another Shopify merchant? The reason why I ask, is that these employees used  "Shopify’s Orders API" which would probably allow them to make charges to your card, but not necessarily exposing your security code or whole credit card number. Please let me know. Thank you.

0 Likes
Highlighted
Shopify Staff
Shopify Staff
10 0 5

@twinnii wrote:

The reason why I ask, is that these employees used  "Shopify’s Orders API" which would probably allow them to make charges to your card, but not necessarily exposing your security code or whole credit card number. Please let me know. Thank you.


Hi @twinnii,

The Orders API does not have the capability to perform credit card charges. 

0 Likes
Highlighted
New Member
1 0 1

But the message says if this banner appears in your admin you may have been impacted. So now you’re saying if we received the banner & not an email we were not affected?? Shopify has really got to tighten up. I realize you are on a huge growth trajectory but we pay a hell of a lot of $ to not have even a PHONE NUMBER to call, especially during times like these. And don’t reply with the live chat, email support stuff. We all know that it’s HIGHLY more effective from a communication standpoint to actually SPEAK to someone.   

1 Like
Highlighted
Tourist
6 0 1

Yes I must have to say the user experience is not so good at the moment I think we can all understand that a company can't grow instantly overnight without some teething problems. maybe it's about time to bee proactive instead of reactive and have decent practices procedures and protocols in place for all eventualities I left eBay because of the shady practices and invested in shopify please don't let us down the art of selling is not all about cash it's about the customer experience?

0 Likes