London Drugs confirms employee data held for ransom

London Drugs confirmed some of its employees’ information has been compromised and held for ransom after a cybersecurity incident that shuttered western Canada stores weeks ago.

In a statement to CityNews Tuesday, the company says it was the victim of an attack orchestrated by a “sophisticated group of global cybercriminals.”

According to B.C. cybersecurity threat analyst Brett Callow of Emsisoft, the criminals are asking for $25 million within 48 hours or else the group will release stolen data.

“With endless revenue, greedy pharma is only willing to pay 8 million, help someone help the poor pharma raise another 17 million dollars,” read an anonymous post Callow found on a dark web site.

London Drugs has not confirmed the ransom amount, nor the nature or extent of employee personal information affected.

“Through our ongoing investigation, we are now aware that London Drugs has been identified by cybercriminals on the dark web as a victim of exfiltration of files from its corporate head office, some of which may contain employee information,” the company stated.

The retailer says it still has no indication that patient or customer databases were compromised in the attack.

It added, “nor do our primary employee-specific databases appear compromised.”

London Drugs says it is “unwilling and unable” to pay the ransom that the group is demanding.

“We acknowledge these criminals may leak stolen London Drugs corporate files, some of which may contain employee information on the dark web. This is deeply distressing, and London Drugs is taking all available steps to mitigate any impacts from these criminal acts, including notifying all current employees whose personal information could be potentially impacted,” it said.

It says its review is underway, and the company has provided 24 months of complimentary credit monitoring and identity theft protection services to all current employees, “regardless of whether any of their data is ultimately found to be compromised or not.”

More to come.

Source