Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Ransomware

Canadian Bookstore Chain Indigo Says Employee Data Stolen in Ransomware Attack

Canadian bookstore chain Indigo this week confirmed that employee data was stolen in a ransomware attack last month.

Canadian bookstore chain Indigo this week confirmed that the personal information of both current and former employees was stolen in a ransomware attack last month.

The hack, Indigo says, took place on February 8 and resulted in the company taking down affected systems to contain the incident. The company was able to restore online payments and exchanges and returns two weeks ago.

The investigation into the incident has revealed that some employee data was compromised during the attack, but Indigo says it has no evidence that customer data was accessed. No credit and debit card information was impacted, the company says in an updated notice on its website.

Should the investigation reveal that any customer data has been compromised, Indigo promises to contact the impacted individuals immediately.

The ransomware deployed during the attack, Indigo says, was LockBit, which is known to be used by cybercriminals either located in Russia or with ties to Russian organized crime.

The company says it has already started notifying impacted individuals of the incident, but did not say how many were affected. Indigo currently operates more than 160 stores across Canada and has over 8,000 employees.

Indigo also says that it has been working with Canadian authorities and the FBI to investigate the attack and that it does not plan to give in to the attackers’ ransom demands.

The hackers, however, have threatened to publish the stolen data on the dark web starting this week, unless a ransom is paid.

Advertisement. Scroll to continue reading.

“The privacy commissioners do not believe that paying a ransom protects those whose data has been stolen, as there is no way to guarantee the deletion/protection of the data once the ransom is paid. Both US and Canadian law enforcement discourage organizations from paying a ransom,” the company notes.

Related: Dish Network Says Outage Caused by Ransomware Attack

Related: Ransomware Attack Hits US Marshals Service

Related: Ransomware Attack Forces Produce Giant Dole to Shut Down Plants

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Ransomware

A SaaS ransomware attack against a company’s Sharepoint Online was done without using a compromised endpoint.

Cybercrime

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

Data Breaches

Sony shares information on the impact of two recent unrelated hacker attacks carried out by known ransomware groups. 

Ransomware

Several major organizations are confirming impact from the latest zero-day exploits hitting Fortra's GoAnywhere software.

Data Breaches

KFC and Taco Bell parent company Yum Brands says personal information was compromised in a January 2023 ransomware attack.

Ransomware

Alphv/BlackCat ransomware group files SEC complaint against MeridianLink over its failure to disclose an alleged data breach caused by the hackers.

Ransomware

Johnson Controls has confirmed being hit by a disruptive cyberattack, with a ransomware group claiming to have stolen 27Tb of information from the company.