Sales online can't be processed and sales in-store limited to cash only
Indigo Books & Music Inc. is dealing with what it calls a "cybersecurity incident" that has affected customer orders in-store and online.
It started at the Toronto-based retailer on Wednesday. As of Thursday evening, Indigo's website was still offline.
"We are working with third-party experts to investigate and resolve the situation," the company said in a message posted on its website.
"Our hope is to have our systems back online as soon as possible."
Indigo says it can't process electronic payments, accept gift cards or deal with returns. Physical stores are limited to processing sales with cash only.
- Intelligence agency says ransomware group with Russian ties poses 'an enduring threat' to Canada
The company hasn't given much detail about what is going on, but David Masson, director of enterprise security at cybersecurity firm Darktrace, says the sheer length of the problem suggests it wasn't an internal error, and rather an instance of ransomware, where hackers steal information, lock systems and demand a ransom to release them.
"Their point-of-sale system has gone down... and they've also said that they're unable to take returns anymore, which kind of implies that they're unable to bring stock back into the system."
If "just a small part of an organization is going down, it's probably not ransomware," he said. "But if it's more widespread, that's kind of a hint that it might be."
Ransomware "really does muck up your organization, and it's not going to get fixed in a few hours," he said.
Latest retail attack
If it is ransomware, it means the company has joined a growing list of Canadian retailers to have fallen victim just in the past few months.
Sobeys parent company Empire Co. Ltd. recently grappled with a security breach that shut down its pharmacy services and other in-store functions.
The cybersecurity event in early November left customers unable to fill prescriptions for four days, while other in-store functions like self-checkout machines, gift card use and the redemption of loyalty points were offline for about a week.
Empire said in December the incident is expected to cost $25 million after insurance recoveries.
Enza Alexander, vice-president with cybersecurity firm ISA, is shown outside holding a handrail on a set of stairs.
Enza Alexander is a vice-president with cybersecurity firm ISA. (ISA)
Enza Alexander, a vice-president at cybersecurity firm ISA, says that while she has no first-hand knowledge of what's happening at Indigo, retailers are becoming popular targets for cybercriminals because of the rise of online shopping — and they're more noticeable when they happen because they are in the public eye.
"Financial gains [are] how the cybercriminals are generating dollars to feed their endeavours," she told CBC News.
While she says it's too early to tell what's happened at Indigo, her advice for consumers boils down to basic common sense.
"I've always advised people close to me 'You're one click away from making the wrong click,'" she said.
Source: https://www.cbc.ca/news/business/indigo-cybersecurity-1.6742230