Indigo Books & Music, Canada’s largest bookstore chain, suffered a cyberattack yesterday that led the company to take its website offline and accept only cash payments.
The exact nature of the incident remains unclear but Indigo does not rule out that hackers may have stolen customer data.
Cash payments only
On Wednesday, Indigo announced that “technical issues” were preventing access to the website and that customers in brick-and-mortar stores could only pay in cash.
In addition, the company announced that gift card transactions were not possible and that there may be delays with online orders.
A few hours later, Indigo revealed that its computer systems were subject to a cyberattack and that it was investigating the incident with the help of external experts.
The company has not disclosed the type of cybersecurity incident it is currently facing, but said it is trying to determine whether intruders managed to access and/or steal customer data.
Since Indigo said it is working to restore the systems, another possibility would be a ransomware attack, which usually results in a data breach as hackers steal data and threaten to release it unless the victim pays the ransom.
Cybercriminals often target big brands, and with annual revenue of over CAD $1 billion, Indigo fits the bill.
The company’s operations include the sale of books, magazines, toys, beauty and wellness products, and even “baby gear” and electronics such as smart home devices.
Indigo has thousands of employees, 86 hyperstores under the Chapters and Indigo banners, and 123 small-format stores.
Information-stealing malware
Although it is still early in the investigation and the company has not released any information about the method used to breach its systems, the hackers may have used data collected by information-stealing malware to gain access to Indigo’s network.
BleepingComputer learned from threat intelligence firm Kela that at least one cybercrime marketplace was selling Indigo credentials stolen by information-stealing malware such as Redline, Vidar and Raccoon in February and January.
Such malware searches for sensitive information on the infected system and also collects details about the machine. All of this serves to create a profile that would allow hackers to access the compromised host without triggering alarms.
Source: https://www.bleepingcomputer.com/news/security/largest-canadian-bookstore-indigo-shuts-down-site-after-cyberattack/