Shopify built Indigo’s new website in three days following ransomware attack

After reaching out to Shopify, Indigo was back online with a new site in three days.

When Indigo was struck by ransomware and its website was down for more than a week, Shopify helped the company get back on its feet with a new website that allowed it to resume selling online.

Earlier this month, Indigo was hit by ransomware that wiped out the Canadian bookseller’s e-commerce and in-store sales, shutting down its website for over a week. Indigo reached out Shopify for assistance, according to Shopify president Harley Finkelstein. And, in a matter of days, Indigo was back online with a new, temporary, Shopify-powered website.

“They came to us, and in 3 days, we were able to build them a new site & get them back online and selling.”
– Harley Finkelstein, Shopify

“Last week, one of Canada’s biggest retailers and bookstores, Indigo, was completely down both online and in-store,” tweeted Finkelstein on February 26. “They came to us, and in 3 days, we were able to build them a new site & get them back online and selling. That’s the power of @Shopify.”

Indigo, the retailer behind Indigo and Chapters bookstores across the country, was struck by what the company initially described as a cybersecurity incident on February 8.

This hack, which Indigo later confirmed was a ransomware attack, shut down the firm’s e-commerce business. It also affected Indigo’s computers and payment system, impacting the firm’s in-store operations and costing the company an estimated “millions” of dollars in lost sales.

Nine days later, Indigo announced that it had launched a new, temporary website supported by Shopify.

Indigo’s new website remains limited. It was initially browse-only, and now permits users to buy “select books” online. A tagline at the top of the site’s homepage currently reads, “Shop books online. Window-shop lifestyle.” Indigo has not provided a timeline for when full functionality, its original website, or its app may return.

RELATED: The Indigo hack is bad. Will AI make cyber threats worse?

“We are working hard to provide the seamless online shopping experience that you have come to expect,” states Indigo. “Currently we are only selling select books online and look forward to expanding the assortment shortly. Please check back daily for updates and progress.”

Indigo, which is conducting an investigation into the ransomware incident, said there is no indication that customer data was impacted by the attack. But as The Globe and Mail has reported, Indigo employees’ personal information, including social insurance numbers, financial details, and other data, was indeed breached by hackers.

Experts say the Indigo hack highlights hackers’ mounting prevalence and sophistication. The incident marks the latest in a series of high-profile cyberattacks on large Canadian organizations in recent months, including the Liquor Control Board of Ontario, Toronto’s Hospital for Sick Children, and Sobeys parent Empire Co.

Though Shopify got its start helping small businesses, the company has recently been ramping up its focus on enterprise retailers. Shopify’s role in the Indigo saga showcases its efforts to work with customers of this size.

Feature image courtesy Wikimedia Commons. Photo by Raysonho.

Josh Scott

Josh Scott

Josh Scott is a BetaKit reporter focused on telling in-depth Canadian tech stories and breaking news. His coverage is more complete than his moustache. He was also the winner of SABEW Canada’s 2023 Jeff Sanford Best Young Journalist award.

0 replies on “Shopify built Indigo’s new website in three days following ransomware attack”