However, we encourage you to be vigilant in reviewing communications directed to an email address or phone number you have previously provided to ColourPop. We have no evidence that your information has been misused as a result of this incident. Does this mean I am the victim of identity theft?.The information could have included only a bank identification number associated with your payment card (the first six digits of a payment card number) as well as the last 4 digits of your payment card number.
#Shopify colordrop value bug full#
Shopify had safeguards in place that prevented any full credit card numbers from being exported by the unauthorized application. Was my credit card/financial account number exposed?.Shopify has notified law enforcement in the United States and Canada and requested that they also investigate the incident. Shopify also terminated the two Shopify contractors responsible for the data breach, suspended their access to Shopify’s systems and networks, and notified law enforcement in the United States and Canada. Additionally, when Shopify became aware of this incident, it began an investigation with the assistance of a forensic investigator. The unauthorized application was removed within 48 hours of its installation. What is being done to protect my information?.Shopify reported that two of its contractors took the information. It has also notified the appropriate regulators. Following initial notice from Shopify, SEED has attempted to determine the identities of the individuals whose data was taken and their locations. This export process continued through August 25, 2020, and the unapproved application was uninstalled on August 26, 2020.ĬolourPop takes the security and privacy of personal information very seriously. The application then began exporting customer order information. Shopify reported that on August 24, 2020, an application was installed on the ColourPop Cosmetics Shopify store without approval. On September 18, 2020, Shopify provided details to SEED about a security incident involving two Shopify contractors. We have your information because you either placed an order on the ColourPop store online or because an order someone else placed was billed or shipped to you. Why does SEED Beauty have my personal information?.
#Shopify colordrop value bug password#
Your ColourPop username and password were not exported.
Additionally, while Shopify had safeguards in place that prevented any full credit card numbers from being exported by the unauthorized application, the information could have included a bank identification number associated with your payment card (the first six digits of a payment card number) as well as the last 4 digits of your payment card number. The personal information involved could have included your name, mailing or billing address, email address, phone number and information about ColourPop items purchased.
What personal information may have been involved?.Shopify has informed us that it is not possible to determine conclusively which records were taken, and it is possible that your information was among the records exported without authorization by the Shopify contractors. The unauthorized application exported customer order information for approximately 86% of the records in our database. Shopify recently reported that two Shopify contractors installed an unauthorized application on the ColourPop Shopify store on August 24, 2020. To process online sales, SEED Beauty uses the e-commerce platform Shopify. ColourPop Cosmetics is an affiliate of SEED Beauty, LLC that manufactures, markets, and sells cosmetics to customers around the world from SEED Beauty’s headquarters in Oxnard, California, United States.
0 kommentar(er)
