Thousands of bookstores in Europe have been affected by a ransomware attack that targeted a leading software supplier.
The ransomware attack targeted TiteLive, a French company that offers cloud-based software for book sales and inventory management. Bookstores affected by the ransomware attack included Libris, Aquarius, Malperthuis, Donner and Atheneum Boekhandels, The Record reports. Other clients listed on the company’s website include Gallimard, Paris Libraries, SciencesPo, Furet du Nord and La Pro Cure.
The form of ransomware used in the attack that targeted the company has not been disclosed. A ransom payment was demanded and the encryption, which targeted Windows servers run by TiteLive, forced the company’s products offline.
Precisely what data may have been stolen is also not clear. Media Log, the company’s main product, deals both with book inventory and sales. According to the product’s website, Media Log includes processing online orders and shipping, cash sales and customer relationship functions such as loyalty cards and direct mail. The data stolen may have included not only personally identifiable information but also payment details.
While causing inconvenience for the bookstores affected, none of the stores was forced to shut down. A spokesperson for bookstore chain Libris told NOS News that the ransomware attack was inconvenient but didn’t cause any real damage. “When people order, bookstores have to work manually,” Jan Peter Renger of Libris said. “Books can be sold in the shops, but it’s very annoying.”
A spokesperson for Athenaeum Boekhandels reflected similarly, saying that they can still sell books in their shops, but they cannot access their inventory. “The portal has been hacked,” the spokesperson said, “but fortunately nothing has happened to the database. We can just sell books, the cash register works.” It’s also noted that the attack has prevented affected companies from seeing customer orders.
“While malicious cybercriminals continue to target large corporations, this attack on European bookstores proves that smaller businesses are at risk as well – no company is truly safe,” Nick Tausek, security solutions architect at low-code security automation company Swimlane, told SiliconANGLE. In this case, the bookstores’ IT infrastructure was shut down for several days, forcing employees to track sales and inventory through less reliable and accurate methods such as Excel spreadsheets and pen and paper.”