Indigo says ransomware attack breached data of current and former employees


By Christopher Reynolds The Canadian Press Posted February 24, 2023 2:58 pm Updated February 24, 2023 3:38 pm 4:34 Protect your business’s social media presence, avoid ‘copycat’ scammers The Copycat Cyber Scam has once again hit local businesses. Small businesses using social media for contests and connecting with clients have found scammers moving in, looking to compromise customers’ financial security and leaving local businesses with all the repair work. With more on protecting the bottom line and reputation, digital marketing planner Sofie Andreou tells Teresa Kaszuba about the effect of these scams and what you can do to prevent them – Jan 23, 2023 A ransomware attack compromised the data of current and former employees at Canada’s biggest bookstore chain, Indigo Books & Music Inc. says. In a statement on its website, Indigo said the breach on Feb. 8 left no indication that customers’ personal information, such as credit card numbers, had been accessed, but that “some employee data was.”The Toronto-based retailer said it has contracted consumer reporting agency TransUnion of Canada to offer two years of credit monitoring and identity theft protection to workers at no cost.Customers remain unable to make purchases online except for “select books,” after Indigo halted website and app operations in what it referred to last week as a “cyberattack.” Story continues below advertisement When the incident began more than two weeks ago, Indigo was only able to process purchases made in store with cash, but some of its services, including over-the-counter credit and debit payments as well as exchanges and returns, have since been restored.The company engaged third-party experts to investigate and resolve the matter, but did not publicly acknowledge the incident as a ransomware attack affecting employees until this week.“Both current and former employees are being notified that their information may have been impacted,” the statement reads. Trending Now 2:00 Canadians warned of growing ‘hostile’ cyber threats The federal Office of the Privacy Commissioner confirmed to Global News in a statement Friday that it had received notice of a breach from Indigo and are in communication with the company about next steps. Story continues below advertisement A spokesperson for the privacy commissioner said the office has not received any complaints about the matter.Data breaches have become a familiar feature on the corporate and public-sector landscape, with Canadian retailers experiencing a growing number of cyberattacks in recent months.Sobeys parent company Empire Co. Ltd. suffered a security breach late last year.The incident in November left customers unable to fill prescriptions at the chain’s pharmacies for four days, while other in-store functions like self-checkout machines, gift card use and the redemption of loyalty points were off-line for about a week.Empire later said the attack was expected to cost $25 million after insurance recoveries.The Liquor Control Board of Ontario experienced a “malicious” cybersecurity incident that affected online sales in January, and Toronto’s Hospital for Sick Children saw a ransomware attack disrupt operations in December.— with files from Global News’s Craig Lord &copy 2023 The Canadian Press Sponsored content Flyers

Share post:




More like this