Advertisement 1

What's next for Indigo one month after cyberattack?

Canada's biggest bookstore chain is back online, although, still grappling with the fallout from last month's cyberattack

Article content

One month after a cyberattack hit Indigo Books & Music Inc., Canada’s biggest bookstore chain is back online, although, still grappling with the fallout.

“A month has passed but it’s not back to normal for Indigo,” said Charles Finlay, executive director of Rogers Cybersecure Catalyst at Toronto Metropolitan University.

Article content

“It’s a reflection of the complexity and seriousness and potentially devastating impacts of cybersecurity attacks on major businesses.”

Advertisement 2
Story continues below
Article content

The company’s website appears to be back, although a notice suggests that the online inventory is in the process of being updated. It is still recommended that consumers contact local stores to ensure a specific product is in stock and available for purchase.

On Feb. 8, the ransomware attack began and Indigo’s website and payment systems were booted offline.

The Toronto-based company’s website, which had been limited to selling “select books” in recent days, appeared to be offering its full range of goods for sale on Wednesday morning while current and former employees are bracing for their personal information to be posted on the so-called dark web.

The bookstore chain said its network was hijacked via a ransomware software known as LockBit.

The hack plunged the company into turmoil as its e-commerce operations and in-store debit and credit card payment systems were halted.

The bookstore managed to quickly restore its payment systems and soon after launched a temporary browsable-only website.

The retailer recently revealed that it decided not to pay the ransom as it could not be assured that a ransom payment “would not end up in the hands of terrorists or others on sanctions lists.”

Article content
Advertisement 3
Story continues below
Article content

“There’s a calculation that comes down to dollars and cents and risk and reward,” Finlay said. “Now we’re seeing what plays out when you don’t pay a ransom.”

Indigo declined an interview request for this story.

The company isn’t alone in being targeted by online hackers.

Sobeys parent company Empire Co. Ltd., the Liquor Control Board of Ontario, or LCBO, and Toronto’s Hospital for Sick Children, or SickKids, all recently fell victim to cyberattacks, underscoring just how pervasive cybersecurity issues are becoming.

“Everyone is getting hit and sometimes the damage is far more comprehensive than anticipated,” said Robert Falzon, head of engineering at Check Point Canada.

“In the past, some organizations have actually chosen insurance as their cybersecurity weapon of choice,” he said. “It was cheaper to insure against a major breach than to actually implement correct security and training. But that’s going to start changing.”

It’s unclear when Indigo’s website will be fully restored or how much employee data will be leaked online.

Even a month after the hack, Indigo’s investigation is likely still uncovering the full scope of the damage, Falzon said.

Advertisement 4
Story continues below
Article content

“This isn’t over yet for Indigo,” he said. “They are still probably figuring out exactly what happened.”

Meanwhile, retail experts say the biggest risk to Indigo is the potential loss of customers.

Although losing some online sales connected to Valentine’s Day and now potentially March break and Easter could make for a tough quarter, they say the loss of customer loyalty is a bigger long-term threat.

“The stores are fully up and running and in the grand scheme of things that’s the most important thing,” said Lisa Hutcheson, managing partner at consulting firm J.C. Williams Group.

“But the challenge will be trust and perception issues,” she said. “It could take some customers a while to return to Indigo. They might be really nervous.”

Indigo’s transparency throughout the cybersecurity crisis will go a long way towards reassuring some customers, Hutcheson said.

Recommended from Editorial
  1. Indigo said its network was illegally accessed on Feb. 8 using ransomware software.
    Indigo refuses to pay ransom in cyberattack, calls it 'inappropriate'
  2. Shoppers wait in line to enter the , Indigo Books & Music Inc. store in Toronto's Sherway Gardens mall.
    Indigo employees' data breached in ransomware attack
  3. An Indigo Books & Music store in Toronto.
    Indigo website still offline one week after cybersecurity incident

And a sale wouldn’t hurt.

Advertisement 5
Story continues below
Article content

“Everybody likes a sale,” she said. “A friends-and-family sort of event could be helpful. But I don’t think it needs to be a sale.”

Extra Plum Rewards points to recognize customer loyalty or other offers could entice some reluctant customers to shop at the bookstore once again, she said.

Tamara Szames, Canadian retail industry adviser with The NPD Group, echoed Hutcheson’s thoughts.

“Promotions are very attractive to the Canadian consumer right now. However, is that a tactic to gain back loyalty? It may increase sales and revenue, but if you’re looking to gain consumer loyalty and trust back, it’s really about putting your best foot forward.”

Supporting employees through the breach, sharing with customers how they will safeguard their personal information and being transparent about the process as they move forward will help Indigo earn and regain loyalty, she said.

Article content
Comments
You must be logged in to join the discussion or read more comments.
Join the Conversation

Postmedia is committed to maintaining a lively but civil forum for discussion. Please keep comments relevant and respectful. Comments may take up to an hour to appear on the site. You will receive an email if there is a reply to your comment, an update to a thread you follow or if a user you follow comments. Visit our Community Guidelines for more information.

This Week in Flyers