Accepting credit cards, warehouses, and shipping and fulfilling orders
A customer contacted me today saying that right after purchasing from us her credit card was hacked and her information was used to make fraudulent purchases. She indicated that it was our site that had a breach of security. Is this possible?
Solved! Go to the solution
This is an accepted solution.
HI @Suemac
Thank you for reaching out about this and the details you shared here. I am sorry this happened to a customer from your site. While nothing online is 100% secure all of the time, the chances that your payment gateway was compromised would be very very low.
What payment gateway did the customer use? If it was Shopify Payments, we have not had any reports of issues related to that and if we did we would be contacting merchants ASAP to inform them of this (this would be a legal requirement on our part).
The unfortunate answer is that most likely the device the customer made the purchase on, or their internet connection, was compromised. I would encourage your customer to do a full virus scan or reinstallation of their computer operating system to remove any possible malware or viruses being used to collect their data.
If the customer insists that this is an issue with your online store or the Shopify platform, they can reach out to our support by emailing legal@shopify.com with any evidence they have to support this and our team would be happy to investigate further with the customer.
Shay | Social Care @ Shopify
- Was my reply helpful? Click Like to let me know!
- Was your question answered? Mark it as an Accepted Solution
- To learn more visit the Shopify Help Center or the Shopify Blog
Hi @Suemac Jason here with Beacon.
Yes, bad-actors use stolen CC information all the time to make fraudulent purchases on sites.
If you have not already done so, quickly cancel and refund the order and do not ship out the item. If you have already shipped out the item, you can quickly contact your shipping provider and intercept the package so that you do not lose out on your inventory.
If you do not refund the customer, eventually they will contact their CC provider and open up a chargeback case, which is really bad for merchants because you will be charged additional fees and the original payment reversed if you lose the case. This is why it's important to quickly cancel and refund the order as soon as possible so that a chargeback case cannot be opened.
Next, make sure to educate yourself and learn to spot bad orders in the future because it will happen again once you start scaling up your business.
https://help.shopify.com/en/manual/orders/fraud-analysis
https://blog.lizuna.com/how-to-prevent-shopify-chargebacks-with-a-phone-number/
I hope this helps!
Her order was legitimate, she was saying that her credit card information and name was stolen to buy products elsewhere. Is it possible that her personnel information and credit card number was taken from our shopify site.
Hi @Suemac,
This is possible due to compromised security on your website - and here are a few tips to cover in order to save yourself from happening this again:
1. Keep all software on your site up-to-date
2. Use strong passwords for all accounts associated with your website
3. Use a secure connection (SSL) for any page where customers input sensitive information
4. Regularly scan your site for malware and vulnerabilities
5. Have a plan in place for what to do if a breach happens
6. Train staff on cyber security best practices
7. Educate customers about how to protect themselves online when visiting your website
8. Make sure all third-party payment processors are PCI compliant and have up-to-date safeguards in place for processing payments
9. Investigate any suspicious activity as soon as possible and take appropriate action
10. Monitor bank and credit card statements for any fraudulent activity associated with your website
These simple steps can help ensure that your customers' data is safe and secure and that you are taking the necessary measures to protect them from identity theft or other malicious activities. If you have already been affected by a security breach,
⚡ Chargeflow is the best chargeback recovery software for Shopify brands. Free to start, 24/7 Live Chat Support, ROI-guarantee and the highest win-rates. Let us take care of your chargebacks. ⚡
This is an accepted solution.
HI @Suemac
Thank you for reaching out about this and the details you shared here. I am sorry this happened to a customer from your site. While nothing online is 100% secure all of the time, the chances that your payment gateway was compromised would be very very low.
What payment gateway did the customer use? If it was Shopify Payments, we have not had any reports of issues related to that and if we did we would be contacting merchants ASAP to inform them of this (this would be a legal requirement on our part).
The unfortunate answer is that most likely the device the customer made the purchase on, or their internet connection, was compromised. I would encourage your customer to do a full virus scan or reinstallation of their computer operating system to remove any possible malware or viruses being used to collect their data.
If the customer insists that this is an issue with your online store or the Shopify platform, they can reach out to our support by emailing legal@shopify.com with any evidence they have to support this and our team would be happy to investigate further with the customer.
Shay | Social Care @ Shopify
- Was my reply helpful? Click Like to let me know!
- Was your question answered? Mark it as an Accepted Solution
- To learn more visit the Shopify Help Center or the Shopify Blog
My card info was also stolen from Shopify! Totally unsecure. Now I'm fighting the merchant who wont reply AND my card's bank. Its a total mess. All from Shopify! Criminal business!!!
Gary
Starting a B2B store is a big undertaking that requires careful planning and execution. W...
By JasonH Sep 23, 2024By investing 30 minutes of your time, you can unlock the potential for increased sales,...
By Jacqui Sep 11, 2024We appreciate the diverse ways you participate in and engage with the Shopify Communi...
By JasonH Sep 9, 2024