Indigo says hacked employee data may appear on ‘dark web’ this week, won’t pay ransom
Global News
The company says there are a number of reasons for not paying the ransom, including that there is no way to guarantee the data won't be released even after the payment is received.
Indigo, Canada’s biggest bookstore chain, says it expects data of current and former employees stolen in a ransomware attack last month to appear on the “dark web” as soon as Thursday, but will not pay a ransom to the “criminals” responsible.
An updated section of Indigo’s website — which was stripped down in response to the breach on Feb. 8 — lists a number of reasons for not paying the ransom, including that there is no way to guarantee the data won’t be released even after the payment is received.
“We have been informed that the criminals responsible for this attack intend to make some or all of the data they have stolen available using the dark web as early as Thursday, March 2, 2023,” the company says.
“We are continuing to work closely with the Canadian police services and the FBI in the United States in response to the attack.”
The company also says it cannot be assured the ransom payment “would not end up in the hands of terrorists or others on sanctions lists.”
“Both US and Canadian law enforcement discourage organizations from paying a ransom as it rewards criminal activity and encourages others to engage in this activity,” it adds.
The dark web refers to a subset of the internet that requires a specific browser and other configurations to access. The ominously named network is not used solely for illegal activity, but is commonly used by individuals looking to evade surveillance or law enforcement efforts.
Indigo has not publicly named the individuals or group responsible for the cyberattack, which resulted in the company suspending online purchases and in-store credit, debit and gift card payments.