Shashank Shekhar
Millions of Piping Rock Health Products customer records may be compromised after a hacker posted them on an underground forum. The data, allegedly containing information for over 2 million customers, was offered by a threat actor known as ShopifyGUY on BreachForums.
What Data Was Leaked?
The hacker claims the database contains a trove of sensitive customer information, including:
- Email Addresses
- Names
- Phone Numbers
- Physical Addresses
- Purchase History
ALSO READ: Bailey Financial Ltd Faces Data Breach: 70GB of Sensitive Data For Sale on Dark Web
This type of data breach could have huge consequences for affected customers. Hackers could use the information for phishing scams, identity theft, or targeted marketing campaigns.
Negotiations Gone Wrong?
The circumstances surrounding the leak remain unclear. The hacker’s post suggests they attempted negotiations with Piping Rock regarding the data, but these discussions seemingly stalled.
ShopifyGUY wrote, “The management suddenly just stopped in the middle of negotiations,” implying potential communication between the attacker and the company.
Piping Rock Yet to Respond
As of now, Piping Rock Health Products has not publicly commented on the alleged data breach.
What You Can Do
If you’re a Piping Rock customer, here’s what you can do to protect yourself:
Be Wary of Phishing Scams: Phishing emails often look legitimate and attempt to trick recipients into revealing personal information. Be cautious of any emails claiming to be from Piping Rock, especially if they request personal details or urge immediate action.
Change Your Password: Consider changing your password for your Piping Rock account, particularly if you use the same password for other online services.
Monitor Your Accounts: Keep an eye on your bank statements and credit reports for any suspicious activity.
ALSO READ: French Telecom Giant Orange Targeted in Data Breach: 348k Login Credentials Up for Sale
History of Leaks
This isn’t ShopifyGUY’s first alleged data breach. Earlier this month, the same actor claimed responsibility for leaking data from Canadian discount store chain Giant Tiger. Additionally, on April 13th, ShopifyGUY is believed to have leaked customer records belonging to French underwear maker Le Slip Français.
Cybersecurity experts are raising alarms that the threat actor known as ShopifyGUY may be systematically targeting Shopify stores, compromising their security, and exfiltrating sensitive data. This concern stems from a pattern observed in ShopifyGUY’s previous breaches, suggesting a primary tactic of infiltrating the e-commerce platform’s stores. The recurrence of such breaches indicates that this actor’s modus operandi involves exploiting vulnerabilities within Shopify’s system to gain unauthorized access to customer databases.
This incident underscores the growing threat of cyberattacks on online retailers. Consumers deserve transparency and proactive measures from companies entrusted with their personal information. As the situation with Piping Rock develops, we will continue to monitor for updates and provide further information if it becomes available.
