Credit, debit info and Plum points not compromised in cybersecurity incident: Indigo

Indigo Books & Music Inc. says customer credit and debit information was not compromised by a recent cybersecurity incident that has downed its online operations for almost a week.

The books and home goods retailer says in a new notice on its website that information linked to the cards was not compromised because the company does not store credit or debit numbers in its system.

It also says points collected through the company’s Plum loyalty program remain intact and were unaffected by the incident.

Indigo is using third-party experts to investigate and resolve the situation and promises its online store will relaunch as soon as it is confident it can provide a seamless experience again.

The company says it is accepting cash, debit, credit and gift cards in stores, but is still temporarily unable to accept exchanges and returns.

Indigo first notified customers of the incident on Feb. 9, saying it temporarily couldn’t process electronic payments, accept gift cards or deal with returns, but was able to complete cash transactions.

This report by The Canadian Press was first published Feb. 14, 2023.