Bookstore owners hacked off after cyberattack
A bookstore said yesterday a cyberattack on its computer system could have “wrecked” the business.
The owners of the Bermuda Bookstore said the ransomware attack, in which hackers freeze a company’s data and demand cash to unlock it, had meant the loss of important order and inventory details.
The owner said the attack had not compromised customers’ personal details.
Miriam Kaye, one of the Hamilton store’s managers, said: “We’re still in business.
“We have lost our inventory and our customer orders and our e-mail has been down, for the most part.”
She admitted: “I never understood what ransomware was, and I really feared for our business the first couple of days.”
Ms Kaye said: “We are an institution. We’ve been in business more than 70 years and at this location more than 50 years.
“It’s tough enough doing business as it is. This could have wrecked us.”
Staff discovered on Saturday that their IT system had been hacked, probably through a staff home computer linked to the shop system, which locked them out of their business network.
The store found the message: “Hello, dear friend!
“All of your files have been encrypted. Do you really want to restore your files?”
The store was told to contact the hackers, who would later demand cash to restore the network.
Police advised management not to respond to the message and the shop is rebuilding its data with the help of an IT professional.
Ms Kaye said: “We had to think outside the box and come up with a contingency plan.
“Patrons have been quite understanding.
“But we will be increasing our security.”
Ms Kaye warned: “This does not just happen to multinationals and governments.
“It can happen to anybody, of any size, and it can be devastating.
“So don’t think it can’t happen to you.”
She added: “Be on the alert — and back up everything.”
Ms Kaye said customers with a special order should contact the store at 295-3698.
A Bermuda Police Service spokesman said the public should be wary of e-mails from unknown people or businesses and not to click on any links in suspect e-mails.
He added suspected internet fraud should be reported to the Financial Crime Unit at 247-1757 or email@example.com.
An international website on ransomware can be accessed at https://www.nomoreransom.org/en/index.html.