Three weeks ago, Canadian bookstore chain Indigo announced The website and app were left offline, unable to accept electronic payments, and suffered a “cybersecurity incident” that caused orders to be delayed.
and Help from Shopifya brand new temporary website came online in a matter of days and was able to fulfill orders for hungry bookworms.
But it’s not all good news.
and Updates posted on new websiteIndigo not only confirmed that the security incident that occurred was a ransomware attack, but also that data relating to current and former employees was stolen by hackers.
Frustratingly, Indigo’s FAQ doesn’t provide any details about the exact nature of the stolen employee data.
The infamous LockBit ransomware gang threatens to expose stolen data to the dark web today unless ransom demands are met.But indigo Said Since there is no guarantee that the money paid will not fall into the hands of terrorists, they are not prepared to yield to the extortionist’s demands.
Indigo apparently believes that paying extortionists does not guarantee that sensitive information will not be shared widely. And, at least for now, Indigo seems to be in line with many law enforcement agencies. These agencies argue that paying the ransom only encourages others to launch attacks in the future.
Indigo said it is prioritizing the “safety and security” of its past and current employees, including those at Chapters and Coles stores, and offers all employees two years of free credit monitoring and personal information screening. Offers anti-theft protection.
Former employees whose contact details are known to Indigo will be notified of the risk by email or mail. Of course, this is bad news for anyone who previously worked at Indigo and has since moved or changed her email address.
The company says it has found no evidence that customer information may have been accessed by hackers.
Canadian police and the FBI are said to be working closely with Indigo in investigating the attack.