Search This Blog

Powered by Blogger.

Blog Archive

Labels

Ransomware Attack Compromises Indigo Employees' Data

The company engaged third-party experts to investigate and resolve the matter.

 

As per Indigo Books & Music Inc., a ransomware attack compromised the data of current and former employees at Canada's largest bookstore chain. Indigo said in a statement on its website that the February 8 breach left no evidence that customers' personal information, such as credit card numbers, had been accessed, but that "some employee data was." 

The Toronto-based retailer announced that it has contracted with consumer reporting agency TransUnion of Canada to provide employees free credit monitoring and identity theft protection credit monitoring and identity theft protection to employees for two years. Customers can still not make online purchases except for "select books" after Indigo shut down its website and app due to a "cyberattack" last week.

When the incident started more than two weeks ago, Indigo could only process in-store cash purchases, but some of its services, such as over-the-counter credit and debit payments, exchanges, and returns, have since been revived. The company hired third-party experts to probe and resolve the issue, but the incident was not publicly acknowledged as a ransomware attack affecting employees until this week.

“Both current and former employees are being notified that their information may have been impacted,” the statement reads.

Data breaches have become common in the corporate and public sectors, with Canadian retailers experiencing an increase in cyberattacks in recent months.

Late last year, Sobeys' parent company, Empire Co. Ltd., experienced a security breach. Customers were unable to fill prescriptions at the chain's pharmacies for four days after the incident in November, and other in-store functions such as self-checkout machines, gift card use, and loyalty point redemption were unavailable for about a week.

Empire later stated that the attack would cost $25 million after insurance recoveries. 

In January, the Liquor Control Board of Ontario experienced a "malicious" cybersecurity incident that disrupted online sales, and a ransomware attack disrupted operations at Toronto's Hospital for Sick Children in December.
Share it:

Data Breach

Data Leak

Indigo

Security

Security Data

User Data

User Privacy

User Security