Forwarded from BlackBox (Security) Archiv
Shopify discloses security incident caused by two rogue employees
Shopify said two rogue support staffers accessed customer transaction details for less than 200 stores.
Online e-commerce giant Shopify is working with the FBI and other law enforcement agencies to investigate a security breach caused by two rogue employees.
The company said two members of its support team accessed and tried to obtain customer transaction details from Shopify shop owners (merchants).
Shopify estimated the number of stores that might be affected by the employees' actions at less than 200. The company boasted more than one million registered merchants in its latest quarterly filings.
The e-commerce giant said the incident is not the result of a vulnerability in its platform but the actions of rogue employees.
"We immediately terminated these individuals' access to our Shopify network and referred the incident to law enforcement," the company said in a prepared statement. "We are currently working with the FBI and other international agencies in their investigation of these criminal acts."
An investigation into the security breach is still in its early phases. Shopify promised to notify impacted merchants and customers as relevant.
π ππΌ https://community.shopify.com/c/Shopify-Discussion/Incident-Update/m-p/888971
π ππΌ https://www.zdnet.com/article/shopify-discloses-security-incident-caused-by-two-rogue-employees
#fbi #breach #shopify #security #incident
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
Shopify said two rogue support staffers accessed customer transaction details for less than 200 stores.
Online e-commerce giant Shopify is working with the FBI and other law enforcement agencies to investigate a security breach caused by two rogue employees.
The company said two members of its support team accessed and tried to obtain customer transaction details from Shopify shop owners (merchants).
Shopify estimated the number of stores that might be affected by the employees' actions at less than 200. The company boasted more than one million registered merchants in its latest quarterly filings.
The e-commerce giant said the incident is not the result of a vulnerability in its platform but the actions of rogue employees.
"We immediately terminated these individuals' access to our Shopify network and referred the incident to law enforcement," the company said in a prepared statement. "We are currently working with the FBI and other international agencies in their investigation of these criminal acts."
An investigation into the security breach is still in its early phases. Shopify promised to notify impacted merchants and customers as relevant.
π ππΌ https://community.shopify.com/c/Shopify-Discussion/Incident-Update/m-p/888971
π ππΌ https://www.zdnet.com/article/shopify-discloses-security-incident-caused-by-two-rogue-employees
#fbi #breach #shopify #security #incident
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
Shopify
Incident Update
Recently, Shopify became aware of an incident involving the data of less than 200 merchants. We immediately launched an investigation to identify the issue--and impact--so we could take action and notify the affected merchants. Our investigation determinedβ¦
Forwarded from BlackBox (Security) Archiv
Airbnb may be exposing private host inbox messages, bookings and earnings data
Airbnb hosts report that they are able to access inboxes that do not belong to them.
Airbnb may be at the heart of a severe security incident as hosts report they are able to inadvertently access private inboxes that are unrelated to their accounts.
On Thursday, Airbnb hosts flooded Reddit, querying the sudden appearance of inboxes that do not belong to them when they signed into the service.
π ππΌ https://www.reddit.com/r/AirBnB/comments/iz26du/airbnb_host_login_shows_me_other_peoples_inboxes/
π ππΌ https://www.zdnet.com/article/airbnb-security-incident-may-be-leaking-host-inbox-messages-bookings-information
π ππΌ π©πͺ https://www.golem.de/news/datenleck-airbnb-gibt-gastgebern-zugriff-auf-fremde-postfaecher-2009-151125.html
#airbnb #security #incident #leaked #leak
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
Airbnb hosts report that they are able to access inboxes that do not belong to them.
Airbnb may be at the heart of a severe security incident as hosts report they are able to inadvertently access private inboxes that are unrelated to their accounts.
On Thursday, Airbnb hosts flooded Reddit, querying the sudden appearance of inboxes that do not belong to them when they signed into the service.
π ππΌ https://www.reddit.com/r/AirBnB/comments/iz26du/airbnb_host_login_shows_me_other_peoples_inboxes/
π ππΌ https://www.zdnet.com/article/airbnb-security-incident-may-be-leaking-host-inbox-messages-bookings-information
π ππΌ π©πͺ https://www.golem.de/news/datenleck-airbnb-gibt-gastgebern-zugriff-auf-fremde-postfaecher-2009-151125.html
#airbnb #security #incident #leaked #leak
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
Reddit
From the AirBnB community on Reddit
Explore this post and more from the AirBnB community