Indigo Books stands firm: Refuses LockBit ransomware demand. Stay informed on the evolving dynamics of cyber threats and response strategies. Chapters Indigo is your go-to spot for stylish home decor, books, toys and more. Its easy-to-navigate website lets you check your gift card balance, find locations and more.
The Canadian bookstore chain is warning employees that data stolen in a cyberattack could be posted on the dark web as early as Thursday. The attack involved ransomware, which encrypts victims’ digital files.
The Attack
Canada’s biggest bookstore chain says the criminals behind a cyberattack last month that knocked its website and digital payment system offline may make the stolen employee data available on the dark web. Indigo Books & Music Inc. said Thursday that the attack was carried out using software associated with a global ransomware group known as LockBit. The company has been working with Canadian police services and the FBI in the U.S. to investigate and has refused to pay the demanded ransom, citing advice from privacy commissioners that paying a ransom rewards criminal activity and doesn’t guarantee data would be protected.
The company’s investigation found no evidence that customer data was accessed in the breach, but it said some information from current and former employees was, and is offering two years of identity theft monitoring from credit bureau TransUnion to them. The company’s website still isn’t fully operational three weeks after the attack.
The Company’s Response
As hacker softwear becomes more sophisticated, companies are having a hard time keeping pace with sinister cyberattacks. One such attack uses ransomware to encrypt the victim’s digital files and then demand a payment in order to decrypt the data. According to cybersecurity softwear company Heimdal, over 200,000 new strains of malware are released every day.
Canada’s largest book retailer, Indigo Books & Music, says it won’t pay the ransom demanded by hackers after a February 8 cyberattack halted its website and digital payments systems. The company says it’s working with Canadian police services and the FBI in the U.S. to identify the unidentified criminals who attacked its system.
Indigo said customer data was not compromised but that data belonging to some current and former employees was. The company is offering affected employees two years of free credit monitoring and identity theft protection from TransUnion of Canada. The attack used software associated with the global hacking group LockBit, which has ties to Russian organized crime. The FBI describes LockBit as “one of the world’s most active and destructive ransomware variants.” Its victims have included SickKids Hospital in Toronto and the municipalities of Westmount, Que. and St. Marys, Ont. The FBI arrested Russian-Canadian dual citizen Mikhail Vasiliev in November 2022 for allegedly being involved with the LockBit campaign.
The Dark Web
As Canada’s biggest bookstore chain continues to grapple with a cyberattack that knocked its website and digital operations offline, it warned employees on Thursday that stolen data could be posted online. The company says it has been informed that hackers who breached the network using ransomware software may make stolen employee information available on the dark web, as early as today. The company does not know the identity of the attackers, but they used software known as LockBit, which has been linked to criminal groups with links to Russian organized crime. It has refused to pay a demanded ransom, following advice from Canadian privacy commissioners and the FBI in the U.S.
The Future
The Canadian bookstore chain says it will not pay a ransom to hackers who compromised current and former employee data in a cyberattack last month that has kept its website and online payments offline. Indigo said Thursday that the attack used software known as LockBit, developed by a criminal hacking group with ties to Russian organized crime. The company has been working with Canadian police services and the FBI in the U.S. and is offering affected employees two years of free credit monitoring and identity theft protection. Indigo also announced that four of its directors have resigned, including founder and executive chair Heather Reisman, who cited “a loss of confidence in board leadership and mistreatment.”.