Today there was a suspicious movement in my Magento store. This is an account of someone from Denmark who bought one of our products a month ago.
The shipping address was changed today to somewhere in Morocco. What could be the reason for this hack?
If the same user changed his customer address, then there is no hack, the user has logged into his customer account to update his address in the storefront.
If you don't accept orders from those countries, you can disable them from the system configuration page.