London Drugs: Hackers Leak Stolen Corporate Data

Retailer London Drugs reports that cybercriminals breached files from its corporate head office recently and have now released some of the data after the company refused to pay a ransom.

The statement from the Richmond, B.C.-based company acknowledges that the released files may include “some employee information,” labeling the situation as “deeply distressing.”

In response to a social media post by B.C.-based cybersecurity analyst Brett Callow, London Drugs confirmed that hacking group Lockbit had made public what they claimed to be the company’s data.

The company clarified that it was “unwilling and unable” to comply with the ransom demands of hackers characterized as “a sophisticated group of global cybercriminals.”

London Drugs is taking steps to notify employees potentially impacted by the breach, offering credit monitoring and identity theft protection services.

There is no evidence to suggest that patient or customer databases were compromised during the breach that led to the temporary closure of London Drugs stores across Western Canada on April 28.

Related Stories

Likewise, the company is currently examining the stolen files to determine the extent of information compromised and will notify affected employees accordingly.

London Drugs temporarily closed all its 79 stores in B.C., Alberta, Saskatchewan, and Manitoba upon discovering the cyberattack.

All stores resumed operations on May 7 after the incident, which was part of a series of hacking attempts, including a reported “sophisticated” effort by criminals to breach the systems of the B.C. government.