May 22, 2024 at 04:08PM
Canadian pharmacy chain London Drugs confirmed that ransomware criminals stole corporate files, forcing closure of 79 locations. No patient or customer data compromise. Perpetrators demand $25 million, claim London Drugs offered $8 million. Company refuses to pay ransom and promises employees two years of credit monitoring. Ransomware crew LockBit disrupted by law enforcement.
Meeting notes summary:
– Canadian pharmacy chain London Drugs experienced a ransomware attack on April 28, which forced the closure of its 79 locations across British Columbia, Alberta, Saskatchewan, and Manitoba until May 7.
– The attack was orchestrated by a sophisticated group of global cybercriminals, specifically by the ransomware crew LockBit.
– The attack prompted LockBit to claim that London Drugs was willing to pay $8 million, but the pharmacy chain has stated that it is “unwilling and unable to pay ransom to these cybercriminals.”
– London Drugs has confirmed that some corporate files containing employee information were stolen, and the cybercriminals have threatened to leak the data if the ransom is not paid.
– While there is no indication of compromise of patient or customer databases, as well as primary employee specific databases, London Drugs is conducting a review to determine the extent of the personal information compromised.
– In response to the attack, London Drugs has notified all current employees and plans to provide them two years of free credit monitoring and identity-theft protection.
Additionally, research by NCC Group suggests that the recent takedown of LockBit’s infrastructure by law enforcement has resulted in a 60 percent drop in the number of victim organizations, including London Drugs, targeted by the gang.