Seiko USA website defaced, hackers claim theft of Shopify customer data

A cybersecurity incident involving Seiko USA, the American division of Japanese watchmaker Seiko Holdings, surfaced over the weekend after attackers defaced a section of the company’s website and issued a ransom demand, claiming to have stolen sensitive customer data from its e-commerce systems.

The breach became visible in the “Press Lounge” section of the Seiko USA website, where regular content was replaced with a page displaying a “HACKED” message and an alleged security notification. The message asserted that the attackers had gained access to the company’s Shopify backend and extracted its entire customer database, warning that the data would be publicly released unless negotiations were initiated within 72 hours.

The attackers stated that the compromised data includes customer names, email addresses, phone numbers, shipping details, order histories, and certain account-related information. They also directed the company to locate a specific customer account ID within its Shopify administrative system, claiming that a contact email address had been embedded there to facilitate ransom negotiations.

The defacement page was later removed, restoring the affected section of the website. Seiko USA has not issued a public statement confirming the breach or addressing the claims, leaving the scope and authenticity of the alleged data theft unverified as investigations continue.

Cybersecurity specialists indicate that attacks of this nature increasingly target third-party software-as-a-service platforms and cloud-based integrations used in e-commerce operations. These systems can become vulnerable entry points when user credentials are compromised or access controls are improperly configured, potentially exposing large volumes of customer data.

The incident reflects a broader trend in which cybercriminal groups combine website defacement with data exfiltration and extortion tactics. Rather than focusing solely on disruption, attackers are increasingly leveraging stolen data for financial gain through ransom demands or illicit resale on underground markets.