Ransomware, Breach

Cyberattack against London Drugs claimed by LockBit ransomware group

A pharmacy technician counts pills to fill a prescription.

BleepingComputer reports that Canadian pharmacy and retail chain London Drugs was admitted to have been breached by the LockBit ransomware group in an attack last month that resulted in the temporary closure of all its stores across Western Canada.

LockBit, which continues to be active after switching to new domains and servers following a recent international law enforcement crackdown, has threatened the exposure of all data allegedly exfiltrated from London Drugs' servers following failed negotiations for a $25 million ransom but did not provide any proof of the stolen information.

After initially reporting that no customer or employee data had been impacted by the intrusion, London Drugs acknowledged that corporate head office files — some of which may have included employee details — were compromised, while emphasizing its refusal to pay the ransomware group's demands.

"At this stage in our investigation, we are not able to provide specifics on the nature or extent of employee personal information potentially impacted. Our review is underway, but due to and the extent of system damage caused by this cyber incident, we expect this review will take some time to perform," said London Drugs.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.