The largest chain of bookstores in Canada, Indigo Books & Music, was the victim of a hack yesterday, forcing the business to restrict online payments to cash and shut down its website for customers. Although the precise nature of the breach is still unknown, Indigo does not rule out the possibility that hackers may have acquired consumer data.
The company stated on Wednesday that consumers could only make cash payments in person due to “technical problems” with the website. The business also advised that online orders would experience delays and that gift card transaction were unavailable.
A few hours later, Indigo revealed that its computer systems had been the victim of a cyberattack and that it was looking into the matter with outside assistance. The business did not specify the type of cybersecurity problem it is now investigating, but it did say that it is working to find out whether the intruders were able to access and/or take consumer data.
A cyber-attack forced Canada's largest bookstore, Indigo, to shut down its website and revert to cash-only payments. #cybersecurity https://t.co/txY3Etz6ul
— tegocyber (@tegocyber) February 9, 2023
Malware Used To Gain Access To Indigo’s Network
A ransomware attack is another situation that frequently results in a data breach because hackers take data and threaten to disclose it unless the victim pays the ransom. According to the Canadian bookstore, efforts are being made to repair the systems.
Cybercriminals frequently target well-known brands, and Indigo fits the bill with more than $1 billion in annual CAD revenue. The business sells “things on everything baby,” as well as books, periodicals, toys, cosmetics and wellness products, and gadgets, including smart home appliances.
There are thousands of employees employed by Indigo, which also runs 86 superstores, 123 small format stores, and the Chapters and Indigo brands.
The findings are still in their early stages, and the company hasn’t provided any information on the method used to access its systems, but it’s possible that the hackers employed malware that stole information to get access to Indigo’s network.
According to threat intelligence firm Kela in February and January, at least one cybercrime market was selling Indigo credentials that had been taken by data-stealing malware like Redline, Vidar, and Raccoon.
Such a virus gathers information about the machine and searches for sensitive data on the infected system. All of this works to build a hacker profile that would enable them to access the compromised host without raising any alerts.
Conclusion
The company Indigo Books & Music Inc. is coping with a “cybersecurity problem” that has impacted both in-store and online consumer orders. On Wednesday, it began at the shop in Toronto. The company’s website was still down as of Thursday night. According to a statement on its website, “We are collaborating with outside specialists to look into and address the matter.” Our goal is to bring our systems back up quickly. According to Indigo, it is unable to handle returns, accept gift cards, or process electronic payments. Sales can only be processed in physical stores using cash.