Canadian bookseller Indigo confirmed that employee data was involved in a ransomware attack that took down its website last month. The multibillion-dollar company stated that there is no evidence to suggest customer data was accessed improperly but did not reveal how many employees were affected or what type of data was accessed.
Current and former employees will be notified by identity theft management company Cyberscout about the breach, with those without email addresses on file being sent letters in the mail.
Indigo is cooperating with law enforcement and will provide two years of free credit monitoring and identity theft protection services to affected employees.
The LockBit cybercrime gang claimed responsibility for the attack on Indigo and has given the company until Thursday to pay a ransom before the information is leaked.
LockBit was the most prolific ransomware gang operating last year, launching hundreds of attacks on government agencies, companies, and organizations globally.
In recent weeks, the group has caused particular outrage with attacks on a US bus system, a Canadian children’s hospital, one of the biggest ports in Europe, and a British postage and courier company.
Indigo has been criticized by several current and former employees for its statement on Twitter about the attack, which made no mention of the employee information accessed.
Some said they did not receive the breach notification letters because their personal email and address had changed since leaving Indigo. The company has since clarified the situation in an FAQ, explaining that online ordering is still limited, the Indigo app is unusable, and order status and delivery estimate systems are down. Indigo committed to contacting those affected directly if personal data is later found to have been compromised.
This incident follows similar ransomware attacks on major retailers in recent years, with cybercriminals targeting businesses of all sizes and sectors.
The trend of ransomware attacks shows no signs of slowing down, and organizations need to take proactive steps to protect themselves from this growing threat. This includes implementing robust cybersecurity measures and regularly backing up critical data to prevent the loss of sensitive information.