Indigo Books & Music (IDG) is among the latest companies that have fallen victim to a ransomware attack.
A report by Cybersecurity Ventures stated that cybercrime is projected to cost the world $10.5 trillion annually by 2025, up from $3 trillion in 2015.
Ransomware attack
According to its FAQs section on its site, Indigo was hacked on February 8 and has engaged third-party experts to aid in the investigation in hopes of resolving the situation.
The company added, “There is no reason to believe customer data has been accessed, but we [can’t say the same for employees].” Perhaps a more sullen aspect of the ordeal is that this also affected former employees.
Given that the damage has already been done, efforts are being placed on strengthening cybersecurity practices and enhancing data security. Also added as an effort of prevention is a review of existing controls that are in place.
In addition to working with third-party experts, Indigo has also insisted on the help of authorities and has reached out to TransUnion of Canada for assistance.
TransUnion of Canada has offered two years of credit monitoring through myTrueIdentity and will provide free identity theft protection services.
The company also notified the public that the app is not working and is not accepting Indigo gift cards for online payments.
The aftermath is still playing out despite being hard at work trying to get the business back to its usual. Knowing what the future will hold for the stolen information is a current concern as it is unknown.
Indigo has been encouraged to embrace a ‘we’re not gonna take it’ attitude with the company sitting, “The privacy commissioners do not believe that paying a ransom protects those whose data has been stolen, as there is no way to guarantee the deletion/protection of the data once the ransom is paid,” added a source from the company.
March 2 release of personal information
However, Indigo was informed that the people responsible for the attack intended to take the data they had on hand and release it to the dark web today, March 2, 2023. The dark web is a concealed section of the net and can only be accessed using specialized software such as Tor.
Once released, people use the information for identity theft, financial fraud, cyber espionage, blackmail, and for the sale of illegal goods and services.
Cyberattacks are responsible for loss of revenue, damages to reputation, and legal liability.
Many small businesses can’t survive if they experience attacks such as this one. Recovering from them proves to be highly financially taxing and near impossible.
Indigo came from a humble beginning. Founded in 1996, the first brick-and-mortar store opened in 1997 in Burlington, Ontario. Fast forward to today, and it employs over 4,100 employees, according to its LinkedIn page and has become the nation’s largest bookstore chain.
The corporation encourages people who think they may be victims of this latest ransomware attack to be on the lookout for an email or a letter from TransUnion.
Indigo stock (TSX:IDG) is down .51 per cent, trading at $1.94 at close on March 2.