Kylie Jenner's cosmetics company was affected by the Shopify data breach, where 'rogue' staff members may have exposed customer details
Kylie Jenner’s cosmetics company confirmed that it was one of the companies affected by the Shopify data breach earlier this month.
Shopifyemployees may have exposed customer contact and order details from 200 merchants, Shopify said on September 23. Kylie Cosmeticssaid it was “deeply disappointed” to learn that the breach affected its customers, but remains “confident” that customers can still use its site.
Two "rogue" Shopify staff members stole order records and may have exposed customers' names, email and postal addresses, and order details from less than 200 merchants, the Canadian
The breach may have compromised the last four digits of some customers' credit card numbers, Kylie Cosmetics said in an email first reported by TMZ on September 29 but confirmed that full payment details weren't accessed.
The cosmetics company, which uses Shopify for its online transactions, said it was "deeply disappointed" to learn that the breach affected its customers.
Kylie Cosmetics launched an investigation into the incident, it said, and was working closely with Shopify to get additional information.
Kylie Cosmetics was working to identify which transactions may have been affected, the company added and said it would inform affected customers.
On September 23, Shopify said there was no evidence that the data had been used, but that it was still in the "early stages" of its investigation. The company was working with the FBI, other international crime agencies, and a digital forensics firm, it said.
The theft wasn't caused by any "technical vulnerability" in the platform, it said, describing the employees as two "rogue" members of its support team.
The company immediately terminated the employees' access to the Shopify network and referred the incident to law enforcement, it said.
The incident took place between August 15 and September 15, the company said.
When contacted by Business Insider, Shopify referred to its earlier statement from September 23, which read: "We don't take these events lightly at Shopify. We have zero tolerance for platform abuse and will take action to preserve the confidence of our community and the integrity of our product."
- Ready to introduce same-day settlement of trades by March 2024: Sebi chief
- Grok AI chatbot to reach all English-language users in about a week: Musk
- What are the two climate declarations India has been hesitant to sign at COP28?
- This 400-million-year-old fossil is the oldest disease-causing fungus we've ever seen!
- 10 Best places to visit in India for New Year 2024