Network Security
Vulnerability Management
Privileged Access Management
Endpoint Security
Threat Hunting
Unified Endpoint Management
Email & Collaboration Security
Contents:
Indigo Books & Music, the largest bookstore chain in Canada, experienced a cyber attack, leading the company to temporarily shut down its website and only allow cash payments. The details of the incident have yet to be determined, but Indigo is not excluding the possibility of customer data being compromised by the hackers.
On Wednesday, Indigo reported “technical issues” causing disruptions in accessing their website and restricted payment options at their physical stores to cash only. They also advised that gift card transactions were unavailable and online orders could face potential delays.
“We experienced a cybersecurity incident earlier today and are working with third-party experts to investigate and resolve the situation. (…) Our hope is to have our systems back online as soon as possible. In the interim, our website will remain unavailable. At this time, we look forward to we look forward to welcoming customers in our stores for cash transactions; we are temporarily unable to process electronic payments, or to accept gift cards or returns.”
Ongoing Investigation
A few hours after the initial announcement, Indigo revealed that its computer systems had been subjected to a cyberattack and that it was working with third-party experts to investigate the matter.
The nature of the cybersecurity incident has not been disclosed, but the company is trying to determine if the attackers were able to gain access to or steal customer data. The possibility of a ransomware attack, which typically leads to a data breach and the theft of data that is then threatened to be published if the ransom is not paid, cannot be ruled out, explains Bleeping Computer.
As a brand with an annual revenue of over CAD $1 billion, Indigo is a likely target for cybercriminals. With thousands of employees and 209 stores, including 86 superstores under the Chapters and Indigo banners and 123 smaller format stores, Indigo is a significant player in the retail industry. The company offers a wide range of products, including books, magazines, toys, beauty and wellness items, baby products, and electronics such as smart home devices.
Infostealing Malware
At this stage of the investigation, it is not yet clear how the hackers were able to breach Indigo’s systems. However, it is possible that they used data obtained from information-stealing malware.
According to threat intelligence experts, there were reports of stolen Indigo credentials being sold on at least one cybercrime market in February and January, which were likely obtained through malware such as Redline, Raccoon and Vidar.
This type of malware searches for sensitive information on infected systems and creates a profile of the machine. This information is then used to gain access to the compromised host without being detected.
If you liked this article, follow us on LinkedIn, Twitter, Facebook, Youtube, and Instagram for more cybersecurity news and topics.
Madalina, a seasoned digital content creator at Heimdal®, blends her passion for cybersecurity with an 8-year background in PR & CSR consultancy. Skilled in making complex cyber topics accessible, she bridges the gap between cyber experts and the wider audience with finesse.
