HACKED
Shopify store targeted by extortion-based data breach threatening customer database release.
Summary
A threat actor claims to have compromised a Shopify store's customer database containing names, emails, phone numbers, order history, and shipping data. The attacker created a fake customer account (ID: 8069776801871) as a communication vector and issued a 72-hour extortion ultimatum, threatening to publicly release the data unless an agreement is reached. This appears to be a targeted extortion attack leveraging stolen customer data as leverage.
Full text
HACKED Security Notification - Urgent URGENT SECURITY NOTIFICATION SECURITY BREACH DETECTED This is an urgent security notification regarding your Shopify store. Your customer database has been compromised. Incident Details We have successfully breached your Shopify store's security systems and downloaded the entire customer database, which includes: Customer Information: Names, email addresses, phone numbers Order History: Purchase records, transaction details Shipping Data: Addresses, shipping preferences Account Details: Account creation dates, customer notes This data is currently in our possession and will be publicly released unless an agreement is reached. COMMUNICATION METHOD We have created a special customer account in your store for communication purposes: CUSTOMER ID: 8069776801871 We have placed our contact email address in the details of this customer account. You must use this email to reach out to us to discuss an agreement. REQUIRED ACTION To prevent the public release of your customer database, you must: Log into your Shopify admin panel Navigate to the Customers section Search for Customer ID: 8069776801871 Review the contact information in this customer profile Use the provided email address to contact us immediately We will discuss the terms of an agreement to ensure your customer data remains confidential. TIME IS CRITICAL: Failure to contact us within 72 hours will result in the public release of all customer data. Latest News Seiko 5 Sports introduces a limited-edition collaboration model with HUF. Seiko 5 Sports Meets the Pink Panther A new creation pays homage to the fan-favorite 1980s watch SEIKO 5 Sports collaborates with BAMFORD Discover more
Indicators of Compromise
- malware — Extortion/Ransomware (unnamed)