Major Canadian bookstore chain Indigo still hampered by cyberattack

“Our stores are open across the country and are excited to see you,” a statement from Indigo read following the cyberattack. “Please note, we are only available for cash transactions and are unable to accept gift card purchases or process returns at this time.”

Indigo also indicated in its statement that its teams are “working hard” to resolve the situation “as quickly as possible.”

“Our hope is to have our systems back online as soon as possible. In the interim, our website will remain unavailable.”

The website remains unavailable as of Tuesday, CBC News reported.

It was noted that Indigo did not disclose the type of cybersecurity incident it is dealing with but has confirmed that it is trying to determine whether the intruders managed to gain access to and steal customers’ data.

Tech news portal BleepingComputer suspects that the cyber incident affecting Indigo may be ransomware related. It reached out to threat intelligence company Kela, which found that at least one cybercrime market was selling Indigo credentials in January and February. These credentials were stolen through malware such as Redline, Vidar, and Raccoon.

Last month, sporting goods retailer Running Room reported that it had suffered its own cyber incident, which may have resulted in the theft of customers’ sensitive data. Customers who made purchases from the company’s online store between November 19, 2022, and January 18, 2023, have been potentially compromised by the hackers, the company warned.