Shopify announces over $1 million awarded through bug bounty program

Today, we are announcing that Shopify has paid out over $1 million USD since launching our bug bounty program, helping protect more than 800,000 businesses worldwide.

Our bug bounty program takes the most significant parts of our product offering and makes them securely available to thousands of security researchers who proactively discover potential vulnerabilities and ensure that businesses on Shopify have the most secure platform.

On top of this, we are dedicated to publicly disclosing all vulnerability reports discovered through our program to propel industry learnings and we strongly encourage other companies to do the same. Investing in ethical hacking practices and sharing those discoveries is one way we’re driving the future of commerce.

For more information, please read One Million Dollars in Bounties on our Engineering Blog.

Story image


Company news
About Shopify

Shopify is the leading omni-channel commerce platform. Merchants use Shopify to design, set up, and manage their stores across multiple sales channels, including mobile, web, social media, marketplaces, brick-and-mortar locations, and pop-up shops. The platform also provides merchants with a powerful back-office and a single view of their business, from payments to shipping. The Shopify platform was engineered for reliability and scale, making enterprise-level technology available to businesses of all sizes. Headquartered in Ottawa, Canada, Shopify currently powers over 800,000 businesses in approximately 175 countries and is trusted by brands such as Nestle, Kylie Cosmetics, Allbirds, MVMT, and many more.