Two weeks after it first reported suffering a cyberattack, Indigo Books and Music has finally confirmed that the incident involved ransomware – and that its employees’ data may have been compromised as a result.
Initially, the book chain reported suffering a cyberattack on February 08, 2023 but did not disclose any more details about the breach. Indigo, however, had pledged to determine whether the cyber attackers stole customers’ data.
In an updated FAQ page on its website – which was recently restored, but with limited functionality – Indigo indicated that through its investigation, it came to the conclusion that “there is no reason to believe customer data has been improperly accessed.” However, it suspects that instead “some” employee data was compromised.
“We are notifying all affected employees,” the book chain said in its updated FAQ. “We have also notified and are cooperating with law enforcement.”
Indigo also said that both current and former employees are being notified that their information may have been compromised. The store is additionally offering current and former employees two years of credit monitoring services courtesy of TransUnion Canada at no charge.
The store has managed to restore the online sales of books on its website, but other non-book items will have to wait a bit more.
BleepingComputer had already suspected that the cyberattack on Indigo was ransomware in nature, and had reached out to a threat intelligence company, which found Indigo credentials being sold on the cybercrime market in January and February.