HQ/EMEAFind out how we can help your business
The notorious LockBit ransomware group claimed responsibility for the London Drugs ransomware attack last month. Following an alleged failed negotiation, this group threatens to disclose the stolen data online.
London Drugs suffered a hack on April 28, forcing it to close all its retail outlets in Western Canada. However, the corporation insisted that the attack had not compromised consumer or staff data.
In addition, the pharmacy chain explained that if their investigation revealed any compromised information, they would immediately notify the affected individuals and contact relevant authorities to comply with privacy laws.
Subsequently, London Drugs reopened all its locations, but the company’s website remains down and displays an error message stating that the server encountered an internal error that prevents it from accomplishing a request.
The LockBit ransomware includes London Drugs as its extortion site.
Last week, the LockBit ransomware group added London Drugs to its extortion portal. This notorious cybercriminal organisation claims responsibility for the April cyberattack and threatens to disclose data allegedly stolen from the company’s servers.
The ransomware group has yet to prove that it acquired any files from London Drugs’ servers. Still, it claimed that it allegedly negotiated with the company to pay a $25 million ransom that failed immediately.
London Drugs confirmed in its statements that it is aware of the ransomware gang’s claims. However, it did not admit LockBit’s allegations and the alleged stolen data that may contain employee information.
Furthermore, the corporation noted that it would not and could not pay the ransom demanded by LockBit, but it recognises that the group could leak the alleged stolen corporate files.
The affected firm explained that they could not yet provide specifics on the nature or extent of employee personal information that is potentially impacted. However, they assured everyone that they reviewed every aspect of the incident, so they asked for more time before revealing new details about the hack.
All current employees of the affected firm are advised to be cautious with their digital presence. The corporation urges them to enrol in the two-year credit monitoring and identity theft protection they provided, regardless of whether their data is compromised.
