LockBit ransomware attack compromises Indigo employee data

Canadian bookstore chain Indigo has disclosed being impacted by a LockBit ransomware attack on Feb. 8 that has compromised current and former employees' personal data, SecurityWeek reports. Such a ransomware attack has prompted Indigo to shut down certain systems although online payments and exchanges and returns have already been restored. Moreover, no customer data, as well as credit and debit information, were exposed during the incident, according to Indigo. Both Canadian authorities and the FBI have been informed regarding the incident, with Indigo emphasizing that it would not pay the ransom demanded by LockBit, which has warned about leaking the stolen data this week. "The privacy commissioners do not believe that paying a ransom protects those whose data has been stolen, as there is no way to guarantee the deletion/protection of the data once the ransom is paid. Both US and Canadian law enforcement discourage organizations from paying a ransom," said Indigo.