Ah no I didn't really assume that, it was part of my question, as to whether it was a deliberate strategy to jump straight to bug bounty with an expectation of a potentially large number of reported issues or an unexpected event, where the number of reported bugs and their severity, was more than you'd expected.
So (and I'm guessing from your comment you work for Shopify) I guess I can take from that, that it was the latter.
So (and I'm guessing from your comment you work for Shopify) I guess I can take from that, that it was the latter.