Indigo ransomware attack cost millions, company says

Share post:

Canadian retailer Indigo Books and Music says a February ransomware attack “heavily impacted” its fourth quarter by millions of dollars.

The attack drove a decrease in revenue of $26.5 million to $194.2 million for the quarter ended April 1, 2023, the company said in its annual financial statement released Tuesday. That compared to revenue of $220.7 million in the prior year.

The attack “also accounted for the majority of the $19.1 million change in net loss position [in the quarter], which was a loss of $42.5 million compared to a loss of $23.4 million in the same period last year,” the company said.

The LockBit ransomware gang claimed responsibility for the attack and for stealing data of an unnamed number of employees.

Indigo maintains cyber insurance coverage, which could cover some recovery expenses. That would include $5.2 million of expenses as of April 1st.

Still, sales of goods grew despite the ransomware attack, with the company finding ways to allow shoppers to pay cash in stores and announcing some product purchasing incentives.

Indigo will hold a conference call for analysts and investors this morning to discuss the financial results.

The attack meant Indigo had to shut down its e-commerce platforms, with full online access being restored after four weeks. Stores couldn’t process electronic payments for
approximately three days. Other operational limitations hurt the company’s ability to fulfil orders for products.

Overall, the attack contributed to Indigo’s net loss for the fiscal year of $49.6 million on revenue of just over $1 billion, compared to a profit the year before of $3.3 million.

The ultimate financial impact of the attack “cannot be reasonably estimated at this time,” Indigo said.

“This has been a turbulent year for Indigo, as the progress gained from our post-pandemic re-emergence was negatively impacted by adverse macro-economic factors,” CEO Peter Ruis said in a statement. “These headwinds were furthered by the ransomware attack in our fourth quarter. I am incredibly thankful for our incredible teams, who have been working tirelessly to bring operations back to normal. Through all of this, Indigo customers continued to show their loyalty to our brand, and we are proud to have achieved merchandise sales growth. We are looking forward to injecting momentum back into the business in fiscal 2024 with the exciting launch of a new digital platform in the late summer and our new flagship store at the Well,” a mix of shops, restaurants, fresh food markets, workspaces and residences in downtown Toronto.

The post Indigo ransomware attack cost millions, company says first appeared on IT World Canada.
Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

SUBSCRIBE NOW

Related articles

Hackers Plant False Memories in ChatGPT to Steal User Data

A security researcher has uncovered a vulnerability in ChatGPT that could allow hackers to store false information and...

“Octo2” Trojan Targets Bank Accounts by Posing as VPN or Chrome Apps on Android

A new malware variant called “Octo2” is spreading across Android devices by posing as popular apps like NordVPN...

Evilginx – Open source tool can bypass Multi-Factor Authentication (MFA)

Security vendor Abnormal Security is reporting a new cybersecurity tool that is gaining traction among cybercriminals. The tool,...

Kaspersky’s exit from US market frightens some customers

Kaspersky, the Russian cybersecurity firm, has unexpectedly removed its antivirus software from U.S. customers' computers, replacing it with...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways