Indigo employees’ data breached in ransomware attack
A ransomware assault compromised the info of present and former staff at Canada’s largest bookstore chain, Indigo Books & Music Inc. says.
In an announcement on its web site, Indigo stated the breach on Feb. 8 left no indication that prospects’ private info, corresponding to bank card numbers, had been accessed, however that “some employee data was.”
The Toronto-based retailer stated it has contracted client reporting company TransUnion of Canada to supply two years of credit score monitoring and id theft safety to employees without charge.
Customers stay unable to make purchases on-line apart from “select books,” after Indigo halted web site and app operations in what it referred to final week as a “cyberattack.”
When the incident started greater than two weeks in the past, Indigo was solely in a position to course of purchases made in retailer with money, however a few of its companies, together with over-the-counter credit score and debit funds in addition to exchanges and returns, have since been restored.
The firm engaged third-party consultants to research and resolve the matter, however didn’t publicly acknowledge the incident as a ransomware assault affecting staff till this week.
“Both current and former employees are being notified that their information may have been impacted,” the assertion reads.
Data breaches have turn out to be a well-recognized function on the company and public-sector panorama, with Canadian retailers experiencing a rising variety of cyberattacks in current months.
Sobeys father or mother firm Empire Co. Ltd. suffered a safety breach late final 12 months.
The incident in November left prospects unable to fill prescriptions on the chain’s pharmacies for 4 days, whereas different in-store features like self-checkout machines, reward card use and the redemption of loyalty factors have been off-line for a couple of week.
Empire later stated the assault was anticipated to price $25 million after insurance coverage recoveries.
The Liquor Control Board of Ontario skilled a “malicious” cybersecurity incident that affected on-line gross sales in January, and Toronto’s Hospital for Sick Children noticed a ransomware assault disrupt operations in December.
This report by The Canadian Press was first printed Feb. 24, 2023.
