Market Herald logo


Be the first with the news that moves the market

Indigo Books & Music (IDG) is among the latest companies that have fallen victim to a ransomware attack.

A report by Cybersecurity Ventures stated that cybercrime is projected to cost the world $10.5 trillion annually by 2025, up from $3 trillion in 2015.

Ransomware attack

According to its FAQs section on its site, Indigo was hacked on February 8 and has engaged third-party experts to aid in the investigation in hopes of resolving the situation.

The company added, “There is no reason to believe customer data has been accessed, but we [can’t say the same for employees].” Perhaps a more sullen aspect of the ordeal is that this also affected former employees.

Given that the damage has already been done, efforts are being placed on strengthening cybersecurity practices and enhancing data security. Also added as an effort of prevention is a review of existing controls that are in place.

In addition to working with third-party experts, Indigo has also insisted on the help of authorities and has reached out to TransUnion of Canada for assistance.

TransUnion of Canada has offered two years of credit monitoring through myTrueIdentity and will provide free identity theft protection services.

The company also notified the public that the app is not working and is not accepting Indigo gift cards for online payments. 

The aftermath is still playing out despite being hard at work trying to get the business back to its usual. Knowing what the future will hold for the stolen information is a current concern as it is unknown.

Indigo has been encouraged to embrace a ‘we’re not gonna take it’ attitude with the company sitting, “The privacy commissioners do not believe that paying a ransom protects those whose data has been stolen, as there is no way to guarantee the deletion/protection of the data once the ransom is paid,” added a source from the company.

March 2 release of personal information

However, Indigo was informed that the people responsible for the attack intended to take the data they had on hand and release it to the dark web today, March 2, 2023. The dark web is a concealed section of the net and can only be accessed using specialized software such as Tor.

Once released, people use the information for identity theft, financial fraud, cyber espionage, blackmail, and for the sale of illegal goods and services. 

Cyberattacks are responsible for loss of revenue, damages to reputation, and legal liability. 

Many small businesses can’t survive if they experience attacks such as this one. Recovering from them proves to be highly financially taxing and near impossible.

Indigo came from a humble beginning. Founded in 1996, the first brick-and-mortar store opened in 1997 in Burlington, Ontario. Fast forward to today, and it employs over 4,100 employees, according to its LinkedIn page and has become the nation’s largest bookstore chain.

The corporation encourages people who think they may be victims of this latest ransomware attack to be on the lookout for an email or a letter from TransUnion. 

Indigo Books & Music (IDG) is down .51 per cent, trading at $1.94 at close on March 2.

More From The Market Herald

" NEO Battery Materials (TSXV:NBM) advances construction at South Korean commercial plant

Neo Battery Materials (NMO) advances construction at its South Korean commercial plant.

" Zentek (TSXV:ZEN) announces ZenGUARD antimicrobial testing results

Zentek (ZEN) has successfully completed antimicrobial testing on its ZenGUARD-coated mask material.

" Novo Resources (TSX:NVO) begins drilling at high-grade gold Catia prospect

Novo Resources (NVO) has begun drilling at the high-grade gold Catia prospect at its Bellary Dome Project in Australia.

" CEMATRIX (TSXV:CVX) announces $4.5M in new contracts

CEMATRIX (CVX) has announced new contracts worth C$4.5 million.