Shopify Data Breach: The Insider Attack

When an authorized member of an organisation is involved in a cyber attack, just think of the level of damage it can lead to.

A situation in which an organization's employee takes part in an attack on the organization's network or computers is referred to as an INSIDER ATTACK. An insider attack is one of the most dangerous kinds of attack for any company.

The company's employee has an edge over an external threat. The insider is well aware of the company's policies, strengths, weaknesses and many confidential details. This makes it very easy for the insider to plan an attack and carry it out. The external actor, on the other hand, first needs to analyse the organization's environment, its details, its employees' trust in the organization, its external relationships and so on.



Recently, the e-commerce platform Shopify faced such an attack, in which two of its employees were involved.

Shopify Data Breach



Shopify Inc. is a Canadian multinational e-commerce company established in 2006. More than 1,000,000 businesses in approximately 175 countries worldwide use its platform.

The company confirmed a data breach late on Tuesday in a blog post, stating that two ‘rogue’ members of its support team were “engaged in a scheme to obtain customer transactional records of certain merchants”. Their access to the network has been terminated, and the company has referred the incident to law enforcement agencies.

Shopify said that the data of “less than 200 merchants” was compromised, but that no sign of its use has been found yet. The compromised data included basic contact information such as email, name and address, and order details such as the services and products purchased. The company said that complete card numbers and other sensitive personal or financial information were unaffected.

The company is working with the FBI and various other international agencies on the criminal investigation. It has notified the affected merchants and is in touch with them.


Although the company did not suffer a great loss, such attacks call the company's reputation into question and may lead to devastating consequences. Every organization has security solutions designed to protect against outsider attacks, but the same designs, with hardened security measures, are required to prevent insider attacks.

According to the Cybersecurity Insiders Insider Threat Report:

90% of organizations feel vulnerable to insider attacks, while a 53% majority have confirmed insider attacks against their organization in the previous 12 months.

The same report also describes the insider risk factors that lead to such breaches:

too many users with excessive access privileges: 37%

an increasing number of devices with access to sensitive data: 36%

the increasing complexity of information technology: 35%


How to prevent Insider Attacks:

The most popular ways to deter insider threats are:

1. Educate Employees: Provide employees with proper training and educational resources that explain the importance of cyber security and the best practices for staying secure.

2. Encryption: Encryption is necessary for data shared across the network, both in transit and at rest.

3. Proper Password Management Practice: Properly authenticating users by enabling two-factor authentication and requiring complex passwords adds an extra layer of security.


4. Identity and Access Management (IAM): Granting users the least privileges they need is a key factor of IAM. Authentication and authorisation must be maintained with security in mind.

5. Intrusion Detection and Prevention System (IDS/IPS): An IDS can help identify an attack over the network, while an IPS can help prevent the attack and trace back the attacker's location.

6. Keep Systems and Software Updated: Regularly patched and updated software is less vulnerable to the latest attack vectors.
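
One way to apply points 4 and 5 to a support team like the one in this incident, as an added example (not Shopify's code or tooling): compare each support agent's record reads with the tickets assigned to them, and flag access that no ticket justifies. The log format, the ticket set, all names and the 500-row threshold are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample data (hypothetical, not from the incident): open support
# tickets as (agent, merchant) pairs, and an access log with the columns
# timestamp, agent, merchant, action, rows_returned.
OPEN_TICKETS = {("agent_a", "m-101"), ("agent_b", "m-202"), ("agent_c", "m-303")}
ACCESS_LOG = """\
2024-01-15T09:02:11Z agent_a m-101 orders.read 40
2024-01-15T09:05:43Z agent_b m-202 orders.read 12
2024-01-15T09:07:02Z agent_c m-404 orders.read 950
2024-01-15T09:09:30Z agent_c m-505 customers.export 1200
2024-01-15T09:11:18Z agent_c m-303 orders.read 8
2024-01-15T09:12:00Z malformed line
"""

def parse(log):
    """Yield (agent, merchant, action, rows) per well-formed line; skip the rest."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 5 or not parts[4].isdigit():
            continue
        _, agent, merchant, action, rows = parts
        yield agent, merchant, action, int(rows)

def unjustified_access(log, tickets, row_threshold=500):
    """Per agent: merchants read without a matching open ticket, rows pulled,
    and whether the total reaches the bulk threshold."""
    findings = defaultdict(lambda: {"merchants": set(), "rows": 0})
    for agent, merchant, _action, rows in parse(log):
        if (agent, merchant) in tickets:
            continue  # access is tied to assigned work
        findings[agent]["merchants"].add(merchant)
        findings[agent]["rows"] += rows
    return {
        agent: {"merchants": sorted(f["merchants"]), "rows": f["rows"],
                "bulk": f["rows"] >= row_threshold}
        for agent, f in findings.items()
    }

if __name__ == "__main__":
    for agent, finding in unjustified_access(ACCESS_LOG, OPEN_TICKETS).items():
        print(agent, finding)
```

Accesses covered by a ticket drop out, so the review queue holds only the reads an analyst would need an explanation for.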

