Employee information accessed in cyber attack at Niagara-based company

A Niagara-based book wholesaler, ‘Book Depot’ was the victim of a cyber attack last September and October. While customer information was protected, hundreds of current and former employees’ information was accessed.

‘Book Depot’ shared tweets from late September to mid-October informing customers that the website would be offline due to ‘maintenance.’ Five months later, employees and former employees received troubling mail. Saying their information had been compromised. They were notified five months after the fact.

In a statement, ‘Book Depot’ tells CHCH News “Book Depot worked with cybersecurity experts to conduct a careful and detailed review of all potentially affected systems. During this review, personal information of current and former employees were identified.”

Unlike a physical robbery, cyber security analyst Ritesh Kotak says cyberattacks take time to identify which could have played a part in the delayed notification to staff. Kotak says, “it could be months before an organization actually discovers that there’s been a breach and then you do an investigation to see exactly what’s been breached who may have been the individuals involved because these things are are complex. It’s not that a breach happens today you’re going to know about it today and start the reporting process tomorrow.” Kotak says any personal information attracts hackers in hopes of turning a profit.

Niagara regional police tell CHCH that while the system was hacked, it appears that no data was taken from Book Depot’s systems and that the case has been transferred to the RCMP’s cybercrime unit.