Three weeks ago, Canadian bookstore chain Indigo announced The website and app were left offline, unable to accept electronic payments, and suffered a “cybersecurity incident” that caused orders to be delayed.
and Help from Shopifya brand new temporary website came online in a matter of days and was able to fulfill orders for hungry bookworms.
But it’s not all good news.
In an update posted on its new website, Indigo not only confirmed that the security incident occurred was a ransomware attack, but that data related to current and former employees was stolen by hackers. also confirmed.
Frustratingly, Indigo’s FAQ doesn’t provide any details about the exact nature of the stolen employee data.
The infamous LockBit ransomware gang threatens to expose stolen data to the dark web today unless ransom demands are met. However, Indigo states that he is not prepared to give in to the extortionist’s demands, as there is no guarantee that the money paid will “not fall into the hands of terrorists.”
Indigo apparently believes that paying extortionists does not guarantee that sensitive information will not be shared widely. And, at least for now, Indigo seems to agree with many law enforcement agencies who claim that paying the ransom only encourages others to launch future attacks.
Indigo said it is prioritizing the “safety and security” of its past and current employees, including those at Chapters and Coles stores, and offers all employees two years of free credit monitoring and identity theft protection. Provides prevention.
Former employees whose contact details are known to Indigo will be notified of the risks by email or mail. Of course, this is bad news for anyone who previously worked at Indigo and has since moved or changed her email address.
The company says it has found no evidence that customer information may have been accessed by hackers.
Canadian police and the FBI are said to be working closely with Indigo in investigating the attack.
