Indigo says hacking group with Russian ties responsible for breach, won’t pay ransom

Indigo says its cybersecurity breach final month was performed utilizing a device often known as LockBit, developed by a hacking group of the identical identify that has ties to Russian organized crime.

In an announcement launched Thursday morning, the retailer stated its community was “illegally accessed” on Feb. 8, by a gaggle of criminals utilizing the LockBit device, and the perpetrators “may make some or all of the data they have stolen available using the dark web as early as today.”

Indigo stated final week, whereas no buyer info was accessed, some information belonging to present and former staff was.

Indigo additionally introduced it has refused to pay a ransom and says it’s persevering with to work with Canadian police companies and the FBI within the U.S.

“Given we cannot be assured that any ransom payment would not end up in the hands of terrorists or others on sanctions lists, Indigo has determined it would be inappropriate to pay the ransom. We have no indication that there is any risk to customers because of this illegal attack,” the corporate stated.

The cybersecurity assault took Indigo’s on-line retailer and in-store digital cost programs offline. While the corporate’s in-store cost programs had been restored after just a few days, Indigo has needed to create a brief web site that solely permits for looking.

The FBI has described LockBit as “one of the most active and destructive ransomware variants in the world,” and since 2020 hackers utilizing the device have focused over 1,000 organizations throughout Canada, the U.S. and world wide.

LockBit’s Canadian targets have included SickKids Hospital in Toronto in addition to the municipalities of St. Mary’s, Ont. and Westmount, Que. In November 2022, the FBI arrested Mikhail Vasiliev, a Russian-Canadian twin citizen alleged to have been concerned with the LockBit marketing campaign.