Have you looked up the for the shop domain? Might be worth reviewing to see when the site first came up and any other information you can glean from it.
Outside of that, I haven’t seen this myself either. Thinking out loud, were there any Shopify plugins added recently or any used currently with exploits? Considering there’s a shop TLD I doubt that’s just it, but I’ve seen things like this happen with Wordpress/Drupal sites in the past and wouldn’t rule it out.
FWIW, regarding a potential data leak, but this is a sample of 1 so who knows.