Indigo says employees’ personal banking information may have been breached in hack that brought down website

Indigo employees’ personal information, including bank account and social security numbers may have been breached during last week’s cyber attack that brought down the company’s website and its online payment system, the company told workers in an email Thursday night.

“Through our investigation, we recently learned that your personal information may have been acquired by an unauthorized third party between Jan. 16 and Feb. 8, 2023,” Andrea Limbardi, Indigo’s president wrote to employees.

The information includes employees’ email address, phone number, birth date, home address, postal code, social insurance number and banking information such as employee direct deposit information, including the name of the financial institution, bank account number and branch number.

Indigo experienced a cybersecurity Feb. 8, that impacted its website and electronic payment system.

“We acted quickly to stop this event and prevent further unauthorized access,” Limbardi wrote. “We worked with external experts to investigate and resolve the situation as quickly as possible.”

Currently, all stores are open but the full functioning website remains down — a temporary website has been created acting like an online store but it can’t accept online transactions.

More to come

SHARE: