Indigo Books and Music has announced that it has restored its website – but it is only allowing shoppers to browse products, as the ability to purchase online remains disabled following the cyberattack that recently rocked the bookstore chain.
The book chain first reported that it suffered a cybersecurity incident that affected its systems on February 08. An official statement from the company said that it had “immediately engaged with third party experts” to investigate and resolve the situation.
Even a week after the cybersecurity incident occurred, the website remained unavailable. It has now been restored, but the ability to make online purchases is disabled for the time being.
The restored Indigo website stated that Indigo’s investigation is still underway, “but not yet complete.” The store also gave assurances that customer credit card and debit card information was not compromised by the recent cybersecurity incident, as Indigo does not store full payment card data in its systems.
“At this time, we can share that our investigation has found no indication that customer data was compromised by the recent cybersecurity incident,” Indigo indicated on its website for customers to see. “The security and integrity of your data is our top priority. If at any point in the future we determine that personal data has been compromised, we commit to contacting those impacted directly.”
BleepingComputer had suspected that the cybersecurity incident affecting Indigo may have been ransomware related. The tech news outlet reached out to a threat intelligence company, which had discovered that a cybercrime market was selling Indigo credentials in January and February.