Revealed - Indigo refused to pay ransomware gang

The deadline to pay has come and gone without incident

Revealed - Indigo refused to pay ransomware gang


By Lyle Adriano

Slammed by ransomware for the past couple of weeks, Indigo Books & Music ultimately chose not to pay a ransom despite a threat that stolen employee data would be leaked.

And while the ransomware group responsible claimed that it had released the sensitive information when its demands were not met, there has been no evidence so far that a leak has actually occurred, news outlets report.

Last Wednesday, Indigo said it would not agree to payment demands from a cybercriminal group which claimed it was affiliated with the LockBit ransomware website. The book chain reasoned that it did not want to pay because it could not guarantee that the cash would not be used by terrorists.

The cyber threat actors then threatened to post all of the Indigo employee information it had stolen in its most recent attack publicly. A countdown timer was posted across the LockBit dark web forum, which counted down until the data would be supposedly leaked on March 02, 2023, at 3:39 p.m. ET.

But the deadline passed seemingly without any leak occurring. While the LockBit forums said that the data had indeed been leaked, CBC News and an independent security analyst could not find any evidence of the stolen information on the dark web.

While the data does not seem to be out in the wild, it might just be a matter of time until the hackers truly leak the information, said Sophos field chief technology officer Chester Wisniewski.

"They are criminals, after all. They are not obligated to do anything that they say they're going to do," Wisniewski told CBC News, adding that it must still be assumed that the employee data is compromised.

What are your thoughts about this ransomware incident? Let us know in the comments below.

Related Stories

Keep up with the latest news and events

Join our mailing list, it’s free!