Skip to main content
BoF Logo

Agenda-setting intelligence, analysis and advice for the global fashion community.

The Business of Fashion
Retail

Shopify Says ‘Rogue’ Employees Stole Data From Merchants

Two employees stole data from more than 100 merchants, potentially exposing the personal information of consumers who shopped on web stores that use the company’s e-commerce software.  
The Shopify App.
The Shopify App. (Shutterstock)
By
  • Bloomberg

NEW YORK, United States — Shopify Inc. said two employees stole data from more than 100 merchants, potentially exposing the personal information of consumers who shopped on web stores that use the company's e-commerce software.

“Rogue members” of Shopify’s support team were involved in a scheme to obtain customer transactional records from some of the merchants, the company said in a blog post that noted fewer than 200 sellers were affected.

Customer transaction records from some of the merchants were obtained by hackers on Sept. 15, according to an email sent to customers by 100% Pure, a cosmetics retailer that uses the Shopify platform.

“We deeply value the trust of our customers and we are sorry that this incident has questioned it,” said Ric Kostick, chief executive officer of 100% Pure. “Our top priority right now is to ensure that the safety and security of their data are protected. We are carefully evaluating the extent of this incident with Shopify and will take all necessary and immediate actions to prevent this from happening again.”

ADVERTISEMENT

Shopify terminated the two employees’ access to its network and the company is working with the Federal Bureau of Investigation and other international agencies that are investigating what it called “criminal acts.” Shopify shares slipped more than 1 percent in extended trading on Tuesday.

The hacked stores may have had customer data exposed, including emails, names, addresses and order details, the company added. Complete payment card numbers or other sensitive personal or financial information were not part of the incident, Shopify said.

Shopify sells subscription software to help merchants run online stores. The Ottawa-based company has had a dizzying rise since going public in 2015. The coronavirus pandemic has boosted growth even more as lockdowns pushed more retailers online. It is now the most valuable Canadian company on public markets.

Last year, a security researcher found a bug in Shopify’s software code that could have exposed revenue information for thousands of online stores.

By Natalie Wong and Gerrit De Vynck

In This Article
Topics
Organisations
Location

© 2026 The Business of Fashion. All rights reserved. For more information read our Terms & Conditions

More from Retail
Analysis and advice from the front lines of the retail transformation.

The New Reality of Shipping to Saks

While $1.75 billion in court-approved funding has brought labels back to the fold, the real test for vendors will come when that temporary safety net vanishes later this year.

The Step-by-Step Guide to Brand Elevation | Case Study

A growing number of mass and premium brands are pushing upmarket with a more luxe look, better materials and, often, higher prices. This case study unpacks how these labels are navigating the tricky challenge of elevating a brand.

view more
Latest News & Analysis
Unrivalled, world class journalism across fashion, luxury and beauty industries.

Can Big Luxury Find Its New Look?

Sex sells — if anyone can figure out what sexy means in 2026. Robert Williams tracks the search for a new silhouette at Kering’s Gucci, LVMH’s Dior and more.

Estée Lauder’s Surprise Acquisition, Explained

The American cosmetic giant’s buyout of Ayurvedic beauty line Forest Essentials came as a surprise. By picking an under-the-radar brand it knows well, the company can show that it’s still in the M&A game without needing to outbid rivals.

VIEW MORE

The Business of Fashion

Agenda-setting intelligence, analysis and advice for the global fashion community.
CONNECT WITH US ON
© 2026 The Business of Fashion. All rights reserved. For more information read our Terms & Conditions, Privacy Policy, Cookie Policy and Accessibility Statement.