I’m speculating here, but the recent cybersecurity incident at Indigo might not be so recent.
It just so happens that I purchased a book from the Indigo website a few weeks ago, and they were already experiencing issues:
1. I ordered to pick up the book in store, but I didn’t receive any email notification on pickup day, and my order status got stuck at “Shipping Pending”;
2. I have cancelled the order and was planning to re-order again from Amazon;
3. The next day, an employee from the Indigo store called and told me that my book was ready for pick up, and I had never been notified about that because there were some problems with their system;
4. I picked up my book, but my credit card has still not been charged two weeks later;
5. There have been no unusual charges either. π
Good book, btw.
Just remembered that Indigo is actually a public company: Indigo Books & Music Inc. (TSX:IDG).
If I were holding any shares, I would be nervous.
This breach might be serious; the website is still down after 4 days.
They will have a revenue loss, extra expenses on IT and security, and reputational damages.
If clients’ information was stolen, they can also expect a lawsuit and even bigger reputational damages.
So, I’ve checked the financial statements for last year, and Indigo is losing around C$500k in revenue per day at the moment with their website being shut down.
My estimates for two days (February 8-10) of a physical stores not accepting credit and debit cards would be somewhere around C$3m in lost revenue.
The Chapters/Indigo website is still down, and I still have not been charged for the book, which I bought more than 3 weeks ago.
So, I will keep speculating…
Possible reasons why it takes so long for Indigo to restore their website:
Even though Indigo says that customer credit and debit card information is safe, because they don’t store it in their system, some information still could be stolen, if malicious code was inserted into Indigo‘s Checkout process.
Plus, the hack might have happened a long time ago, not last week, considering that problems started before that.
Indigo finally updated its website, and now users can at least browse products, but it is not possible to login to your account or buy anything.
I’ve found out that the Indigo website is actually using Shopify, so I tried several stupid tricks, and some of them actually worked.
I created and logged in to a test account:
I even received a confirmation email about that:
I found that there has been a Boycott Chapters campaign going on since at least 2007, don’t know if that is the reason of a hack.
But boycottchapters.com domain is registered and owned by Indigo. π
There are actually lots of funny domains registered and owned by Indigo, and right now they all redirect to the Indigo website:
Hm.
The confirmation email from Indigo is interesting.
First, the phone number is 5I42O62954.
If I google it, I get some chalet rentals in Quebec:
https://sortirauquebec.com/en/listing/cottage-apartment-tourist-home/chalet-kiwis-cottage/
Which has an email address ianrichards2000[at]gmail[dot]com.
Ian Richards seems to be a real person working at Indigo:
https://ca.linkedin.com/in/ian-richards-91a7744a
Don’t know what his personal phone number is doing in this email.
And then cmacleod[at]indigo[dot]ca is probably Conner MacLeod:
https://ca.linkedin.com/in/connermacleod
2 weeks late, Indigo website is now half-functional, so I will assume they are still losing around C$250k in revenue per day.
Things are getting serious for Indigo:
Source: Any Chapters/Indigo employees with some more information?
Ransomware, huh?
Indigo wonβt pay ransom requested in February cyberattack
Looks like here is the reason why it takes so long for Indigo to restore the website: their data is encrypted and they did not have a proper backup.
Indigo‘s website is now fully operational; it took them one month.
I would estimate a total revenue loss of C$15-C$25M.
I have logged in to my account and checked my last order.
It has an “Awaiting Shipment” status, even though I cancelled it on January 27 or 28 and picked up my book on January 31.
I assume the hack has happened somewhere between these dates; that’s why the website was rolled back (in the end, they had a proper backup π ) to this state in time.