Indigo says hacked employee data may appear on ‘dark web’ this week, won’t pay ransom


Indigo, Canada’s biggest bookstore chain, says it expects data of current and former employees stolen in a ransomware attack last month to appear on the “dark web” as soon as Thursday, but will not pay a ransom to the “criminals” responsible. An updated section of Indigo’s website — which was stripped down in response to the breach on Feb. 8 — lists a number of reasons for not paying the ransom, including that there is no way to guarantee the data won’t be released even after the payment is received.“We have been informed that the criminals responsible for this attack intend to make some or all of the data they have stolen available using the dark web as early as Thursday, March 2, 2023,” the company says.“We are continuing to work closely with the Canadian police services and the FBI in the United States in response to the attack.” Story continues below advertisement The company also says it cannot be assured the ransom payment “would not end up in the hands of terrorists or others on sanctions lists.”“Both US and Canadian law enforcement discourage organizations from paying a ransom as it rewards criminal activity and encourages others to engage in this activity,” it adds.The dark web refers to a subset of the internet that requires a specific browser and other configurations to access. The ominously named network is not used solely for illegal activity, but is commonly used by individuals looking to evade surveillance or law enforcement efforts. Trending Now Indigo has not publicly named the individuals or group responsible for the cyberattack, which resulted in the company suspending online purchases and in-store credit, debit and gift card payments.The Toronto-based retailer has repeatedly assured that no customer data was compromised by the incident, saying it does not store payment information. 2:10 Ransomware attack delays Toronto’s SickKids lab results, systems could be offline for weeks Last week, the company publicly admitted for the first time the attack had affected the data of current and former employees, after engaging third-party experts to investigate and resolve the matter. Story continues below advertisement Workers are being offered two years of credit monitoring and identity theft protection by consumer reporting agency TransUnion of Canada at no cost.Data breaches have become a familiar feature on the corporate and public-sector landscape, with Canadian retailers experiencing a growing number of cyberattacks in recent months.Last week, Telus told Global News it is investigating recent claims that “a small amount” of employee information as well as company source code was posted to the dark web as part of a data breach.Sobeys parent company Empire Co. Ltd. also suffered a security breach late last year.The incident in November left customers unable to fill prescriptions at the chain’s pharmacies for four days, while other in-store functions like self-checkout machines, gift card use and the redemption of loyalty points were off-line for about a week.The Liquor Control Board of Ontario experienced a “malicious” cybersecurity incident that affected online sales in January, and Toronto’s Hospital for Sick Children saw a ransomware attack disrupt operations in December. &copy 2023 Global News, a division of Corus Entertainment Inc.

Share post:




More like this

More students turning to food banks as inflation shrinks already tight budgets

A local students’ association has seen significant increase...

Hundreds sign petition against Vernon, B.C. cemetery rules

Rules restricting the kind of tributes allowed to...

Guilbeault wants stronger links with Alberta on issues of oilsands tailings ponds

Federal Environment Minister Steven Guilbeault has repeated his...

Okanagan vape, cannabis store owners voice concerns about window coverings

A Penticton, B.C., vape shop owner is calling...