London Drugs has confirmed that files stolen by hackers during a cyberattack in April have been leaked onto the dark web.
“London Drugs has been named by cybercriminals as a victim of exfiltration of files from its corporate head office, and we are aware that some of these exfiltrated files have now been released,” the company said in a Thursday statement.
“We want to reiterate that London Drugs is unwilling and unable to pay ransom to these cybercriminals.”
Cybercriminals infiltrated the company’s network on April 28 with a ransomware attack, forcing it to shutter its nearly 80 stores across western Canada for more than a week.
Earlier this week, infamous ransomware operation LockBit claimed responsibility for the attack, posting a $25 million ransom with the threat to release stolen data if it wasn’t paid within 48 hours.
The attackers now appear to have made good on that threat.
“We acknowledge that some of these files may contain some employee information — this is deeply distressing and London Drugs is taking all available steps to mitigate any impacts from these criminal acts,” London Drugs said.
“As previously stated, we have no indication to date of any compromise of patient or customer databases; nor do our primary employee-specific databases appear compromised.”
The company said it is notifying employees whose personal information may be affected, and offering them free credit monitoring services and identity theft protection.
London Drugs said it was still investigating what data was stolen, and that it would not comment on the nature of the documents or their contents.
It said once the review was complete it would notify affected individuals to provide them with specific details.
More to come…