Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Indigo. Show all posts

Bengaluru Woman Escapes a Cyber-scam Attempt, After Indigo’s Bogus ‘Agents’ Cancel Rs.15,600 Tickets


A 32-year-old woman from Bengaluru, India, suffered a cyber scam where the scammers falsely identified themselves as the agents of Indigo Airlines. The scammers attempted to obtain Rs. 15,600 from the victim. 

Following a few questions from the ‘agents,’ victim Mahashweta Pal grew suspicious and called the official helpline number of the airlines to inform them about the narrow escape from the fraud. 

Pal, the social media manager at Inquest, was taken aback when, on January 1, she received a call from an alleged Indigo agent informing her that her tickets had been cancelled. Pal had purchased a round-trip ticket to Kolkata on Indigo.

"The caller then proceeded to offer two options: immediate rebooking at the same fare or a refund of the original booking amount (Rs 15,600) within 24 hours[…]This purported cancellation was presented as a fact, with no prior notification or explanation provided. The caller told me he could send me a link for repayment on WhatsApp," Pal said. 

Pal discovered that her tickets had been cancelled, but that a third party had handled it, after hanging up the phone and dialling Indigo's official hotline number.

She informed that the Indigo ‘agents’ informed her of the cancellation of her tickers and that there was nothing they could do except initiate a “partial refund of the cancelled tickets and I received around Rs 8,000."

However, when Pal asked some follow-up questions, the bogus agents informed them that someone had altered the information on their website. The customer support agent admitted that there were errors in the cancellation information; her phone number and email address did not match what she had entered. This disparity implied that her booking was maliciously altered and that there was illegal access to her account. Even though they acknowledged that there was a problem, they did not provide a fix or the remaining portion of my money.

Following a week of Pal pursuing the case and eventually taking the case to social media, she finally started getting calls from the airlines for assistance. 

"The customer care executive was kind enough to share the information about the scammers. The email ID they used was maheshmeena00417@gmail.com and the number to which the OTP was sent was 9257384638. And the IP address was 157.38.67.21," Pal shared.

The airline took further measures to "ensure the security" of Pal's booking when she purchased the flight tickets once again. "We have temporarily blocked any modifications or web check-in of your booking. If you have any further requirements or need to make changes, we kindly request you to contact our IndiGo contact centre for assistance," Indigo stated.

Moreover, on Tuesday, Pal was contacted by another executive informing her that her previous booking, which had been fraudulently cancelled, had been fully refunded.  

Ransomware Attack Compromises Indigo Employees' Data

 

As per Indigo Books & Music Inc., a ransomware attack compromised the data of current and former employees at Canada's largest bookstore chain. Indigo said in a statement on its website that the February 8 breach left no evidence that customers' personal information, such as credit card numbers, had been accessed, but that "some employee data was." 

The Toronto-based retailer announced that it has contracted with consumer reporting agency TransUnion of Canada to provide employees free credit monitoring and identity theft protection credit monitoring and identity theft protection to employees for two years. Customers can still not make online purchases except for "select books" after Indigo shut down its website and app due to a "cyberattack" last week.

When the incident started more than two weeks ago, Indigo could only process in-store cash purchases, but some of its services, such as over-the-counter credit and debit payments, exchanges, and returns, have since been revived. The company hired third-party experts to probe and resolve the issue, but the incident was not publicly acknowledged as a ransomware attack affecting employees until this week.

“Both current and former employees are being notified that their information may have been impacted,” the statement reads.

Data breaches have become common in the corporate and public sectors, with Canadian retailers experiencing an increase in cyberattacks in recent months.

Late last year, Sobeys' parent company, Empire Co. Ltd., experienced a security breach. Customers were unable to fill prescriptions at the chain's pharmacies for four days after the incident in November, and other in-store functions such as self-checkout machines, gift card use, and loyalty point redemption were unavailable for about a week.

Empire later stated that the attack would cost $25 million after insurance recoveries. 

In January, the Liquor Control Board of Ontario experienced a "malicious" cybersecurity incident that disrupted online sales, and a ransomware attack disrupted operations at Toronto's Hospital for Sick Children in December.

After a Cybersecurity Incident, the Indigo Website is Still Offline

 


Indigo's website is still down almost a week after what appears to be a cyberattack. This left the retailer with more questions than answers, leaving customers wondering what could have happened. 

It appears that the bookseller's website, which was listed on the TSX, turned dark on Wednesday, February 8. If you were trying to make a return or purchase an item using a debit, credit, or gift card and needed to do so, Indigo's brick-and-mortar stores were unable to process your transaction, which left you with no choice but to return or purchase an item using cash. 

It was reported to the company within a few hours that it had encountered a cyber security issue. The company communicated with its customers via its social media channels in the aftermath. 

During the weekend, the company had been making progress in restoring most physical store functionality, except for the ability to process returns as part of its response to the incident, which included changing the in-store payment technology.  

Although the website has been down for almost a week, the site remains down as of Tuesday afternoon. 

This is bad news for the business since it means that any online sales in the future will not be able to be processed. There are also problems for customers, like Gabriel Lee, who ordered a gift for his girlfriend online last week and was supposed to have it delivered by last Friday. However, on Valentine's Day, he is still waiting to hear when it will be delivered, and there is no indication as to when that might happen.   

He told CBC News in an interview that he does not believe there's any way to tell if the release will be this week or next week.  

On Tuesday, it was announced on social media that Indigo had not compromised the financial information of its customers, including their credit and debit cards. 

As CBC News reports in a report released on Thursday, several cybersecurity companies interviewed by CBC News claim that the incident looks like what is known as a ransomware attack from what the company has said about what has happened. When hackers attack a company's internal systems and disable them, they then demand a ransom to undo the damage that has been done to the company's internal systems. 

This issue is getting worse all the time. In 2021, when up-to-date data is available for the most recent year for which data is currently available, according to Statistics Canada, ransomware attacks accounted for 11 percent of all cyber security incidents. 

It is Becoming Increasingly Problematic 

A recent high-profile victim of ransomware was the grocery chain Sobeys. In November, the chain was hacked into and its pharmacies were inaccessible for four days as a result of the ransomware attack. Other in-store functions, like self-checkout machines, gift card redemption, and loyalty point redemption, were not functioning for about a week due to the outage of these functions. 

This incident cost the company about $25 million according to the company's most recent quarterly earnings report. 

As a cybersecurity expert, Cat Coode believes that Indigo is probably a victim of something similar that has created a potentially harmful situation. There is a substantial amount of evidence that indicates the outage was caused by something external, according to her. A major reason for this is the sheer number of systems that have to be integrated, both in-store and online. This might include inventory management and payment systems. 

The analysis of the two separate and distinct systems that were taken down indicates that this was a malicious attack and not an accident that occurred inside the organization. The fact that Cat Coode and her team saw two different systems down is a very strong indication. 

In every situation, the length of the outage depends on the cause, and the more extensive the damage will be, whichever the cause may be. Those are the words of Daniel Tsai, a lecturer in the Department of Law and Business Technology at Toronto Metropolitan University and the University of Toronto. He analyzes the issue in depth. 

He stated during an interview that a recommendation would have a significant impact on their sales and reputation. This is because consumers are generally interested in the reliability of a website, and if they cannot do that, they will not return. There will be stiffer punishment if this situation continues for a longer period. 

It is not unlikely, however, that sensitive consumer information, such as credit card details, may have been stolen from the retailer, even though Coode believes the retailer is likely the victim of an attack involving ransomware. 

Since there have been no announcements about a data breach, it appears that no one has taken the information out of the company, she said. 

There has been no breach but the minute the word breach is mentioned, you set off the alarm; you have to notify the privacy commissioner immediately. 

According to a fact sheet issued by the Office of the Privacy Commissioner of Canada, Canadian companies experiencing cybersecurity breaches involving the theft of customer data must notify the OPC of the breach "as soon as reasonably feasible." 

A spokesperson for the organization said on Friday that he was unable to provide any more information about this issue at the moment.  

There was a statement from Indigo spokesperson Melissa Perri on Tuesday, indicating that the company is working with third-party experts to investigate the situation and determine whether any data belonging to customers has been exposed.