Canada’s largest bookstore chain, Indigo Books & Music, has been cyberattacked. As a result, the company’s website was disabled, and you can only pay for purchases in cash. Representatives of Indigo do not exclude that hackers could steal customer data.
In the middle of this week, Indigo announced that “technical issues” were preventing access to the site, and shoppers in physical stores could only pay in cash. In addition, the company said that transactions with gift cards are temporarily unavailable, and delays are expected in the delivery of online orders.
Soon, Indigo representatives explained that the company’s computer systems were affected by a cyber attack, and the incident was currently being investigated, in which third-party information security experts were involved.
So far, the company has not provided any technical details of what happened, but it is known that investigators are currently trying to determine whether the attackers managed to access Indigo customer data and steal this information.
Since Indigo said it was working to restore its systems, it is likely that the company was hit by a ransomware attack. The fact is that cybercriminals often target big brands, and with annual revenues of more than 1 billion Canadian dollars, and Indigo meets these criteria.
Interestingly, according to Bleeping Computer, which cites Kela analysts, at the beginning of this year, at least one marketplace on the dark web was selling Indigo credentials stolen by infostealers such as Redline, Vidar and Raccoon. Because of this, the researchers believe that the hackers could have used this data to gain access to the Indigo network.