Company refusing to pay ransom to criminals
After a ransomware attack sidelined a major Canadian bookseller’s web site, the company says it expects employee data will appear on the “dark web” soon.
“We have been informed that the criminals responsible for this attack intend to make some or all of the data they have stolen available using the dark web as early as Thursday, March 2, 2023,” said Indigo in a Global News report.
“We are continuing to work closely with the Canadian police services and the FBI in the United States in response to the attack.”
But Indigo is refusing to pay ransom for the breach because it cannot be assured the ransom payment “would not end up in the hands of terrorists or others on sanctions lists.”
“Both US and Canadian law enforcement discourage organizations from paying a ransom as it rewards criminal activity and encourages others to engage in this activity,” said Indigo in the Global News report.
Indigo cites police authorities who advise against this type of payment, which would breed more actions against organizations.
Recently, TELUS was also hit by a similar attack. “Today we’re selling email lists of TELUS employees from a very recent breach,” said a Feb. 17 post by “Sieze,” according to IT World Canada.
Indigo said an investigation had revealed its network was illegally accessed by criminals who deployed ransomware software known as “LockBit”.
“Although we do not know the identity of the criminals, some criminal groups using LockBit are located in or affiliated with Russian organized crime. We are continuing to work closely with the Canadian police services and the FBI in the United States in response to the attack,” said Indigo on its website.
“We have also notified and are cooperating with law enforcement. We deeply regret this incident and are committed to ensuring employees have the support they need.”