Indigo still grappling with fallout from recent cyber attack

Indigo still grappling with fallout from recent cyber attack

The February 8 cyberattack froze Indigo’s e-commerce operations and in-store payment systems, with its website remaining offline a week after the incident.

Indigo later said in an updated FAQ page that its investigation yielded “no reason to believe customer data has been improperly accessed,” but added that “some” employee data may have been compromised.

It also confirmed that the incident was a ransomware attack, and said that it had “engaged third-party experts to investigate and resolve the situation.”

According to Indigo, the perpetrators of the attack used ransomware software called LockBit, which is affiliated with Russian organised crime.

The company has also revealed that it chose not to pay the ransom demanded by the hackers, fearing that the money could end up in the hands of terrorists or individuals on sanctions lists.

Retail industry experts have cautioned Indigo of potential customer loss and said that transparency about the cyberattack will go a long way in reassuring customers. 

“The stores are fully up and running and in the grand scheme of things that’s the most important thing,” Lisa Hutcheson, managing partner at consulting firm J.C. Williams Group, told The Canadian Press. “But the challenge will be trust and perception issues. It could take some customers a while to return to Indigo. They might be really nervous.”

“[Promotions] may increase sales and revenue, but if you’re looking to gain consumer loyalty and trust back, it’s really about putting your best foot forward,” added Tamara Szames, an industry adviser with The NPD Group.

Meanwhile, Charles Finlay, executive director of Rogers Cybersecure Catalyst at Toronto Metropolitan University, said Indigo’s ongoing challenges reflect the seriousness and potentially devastating impacts of cybersecurity attacks on major businesses.

See also  How to combat supply chain disruption

There has been a string of cyberattacks hitting Canadian businesses lately, with sporting goods retailer Running Room and Markham-based manufacturer Exco Technologies among the recent victims.

What are your thoughts about the increasing number of cyberattack incidents affecting Canadian businesses? Let us know in the comments below.