Canadian bookstore chain Indigo this week confirmed that the personal information of both current and former employees was stolen in a ransomware attack last month. The attack took place on February 8, resulting in the company taking down affected systems to contain the incident. Indigo has since been able to restore online payments and exchanges and returns.
The investigation into the incident has revealed that some employee data was compromised, but Indigo says it has no evidence that customer data was accessed. No credit and debit card information was impacted. The ransomware deployed during the attack was LockBit, which is known to be used by cybercriminals either located in Russia or with ties to Russian organized crime.
Indigo has already started notifying impacted individuals of the incident and has been working with Canadian authorities and the FBI to investigate the attack. However, the hackers have threatened to publish the stolen data on the dark web starting this week, unless a ransom is paid. The company has said it does not plan to give in to the attackers’ ransom demands.
Indigo has made it clear it will contact any individuals whose data may have been compromised if the investigation reveals any customer data has been impacted, and has reminded customers that payment of a ransom does not guarantee the deletion or protection of stolen data.
In conclusion, Canadian bookstore chain Indigo has suffered a ransomware attack, resulting in the theft of some employee data. The ransomware deployed was LockBit and the hackers have threatened to publish the stolen data on the dark web starting this week. Indigo has been working with Canadian authorities and the FBI and has said it will contact any individuals whose data may have been compromised. The company has also noted that payment of a ransom does not guarantee the deletion or protection of stolen data.
Key Points:
• Canadian bookstore chain Indigo was attacked by ransomware on February 8
• Some employee data was stolen, but no evidence of customer data being accessed
• Indigo is working with Canadian authorities and the FBI to investigate the attack
• Hackers have threatened to publish the stolen data on the dark web this week
• Indigo has said it will contact any impacted individuals, and warned that payment of a ransom does not guarantee the deletion or protection of stolen data