According to Emsisoft cyber threat analyst Brett Callow, the criminal group targeting London Drugs may have released stolen employee data it previously held for ransom.
CityNews has not yet confirmed what has been released.
The ransomware group, Lockbit appears to have posted links to files containing employee data, including potentially sensitive information, to the dark web, Callow says.
The perpetrators claiming to be behind the ransom — first posted Tuesday– have been demanding that London Drugs pay $25 million in exchange for data stolen during the April cyberattack that shuttered stores for days.
The ransomware group had been threatening to leak employee information on the dark web if those demands were not met.
Speaking to CityNews Thursday, Callow says in similar cases he has seen, the removal and then relisting of the demand could indicate “the victim company entered negotiations, and those negotiations then fell through.”
“It should be noted, however, that simply because a company enters negotiations, or makes an offer, as LockBit claimed that London Drugs did, it doesn’t mean there was ever an intention to pay,” he explained.
You can watch CityNews 24/7 live or listen live to CityNews 1130 to keep up to date with this developing story. You can also subscribe to breaking news alerts sent directly to your inbox.
—With files from Charlie Carey