London Drugs 'unwilling and unable' to pay hackers' ransom after breach
The retailer closed all 79 of its stores on April 28 and did not fully reopen until May 7
RICHMOND, B.C. — Retailer London Drugs Ltd. says it is “unwilling and unable” to pay a multimillion-dollar ransom to cybercriminals who claim to have stolen data in a hacking attack that recently shut down its stores for more than a week.
tap here to see other videos from our team.
London Drugs 'unwilling and unable' to pay hackers' ransom after breach Back to video
tap here to see other videos from our team.
The company says in a statement that the criminals could leak stolen corporate files containing employee information on the dark web, calling the situation “deeply distressing.”
Subscribe now to read the latest news in your city and across Canada.
- Exclusive articles from Barbara Shecter, Joe O'Connor, Gabriel Friedman, Victoria Wells and others.
- Daily content from Financial Times, the world's leading global business publication.
- Unlimited online access to read articles from Financial Post, National Post and 15 news sites across Canada with one account.
- National Post ePaper, an electronic replica of the print edition to view on any device, share and comment on.
- Daily puzzles, including the New York Times Crossword.
Subscribe now to read the latest news in your city and across Canada.
- Exclusive articles from Barbara Shecter, Joe O'Connor, Gabriel Friedman, Victoria Wells and others.
- Daily content from Financial Times, the world's leading global business publication.
- Unlimited online access to read articles from Financial Post, National Post and 15 news sites across Canada with one account.
- National Post ePaper, an electronic replica of the print edition to view on any device, share and comment on.
- Daily puzzles, including the New York Times Crossword.
Create an account or sign in to continue with your reading experience.
- Access articles from across Canada with one account.
- Share your thoughts and join the conversation in the comments.
- Enjoy additional articles per month.
- Get email updates from your favourite authors.
Sign In or Create an Account
It says it notified all employees and is providing them with two years of credit monitoring and identity theft protection services.
The retailer was responding to an image posted on the social media platform X, connecting the London Drugs attack to a ransomware group called Lockbit.
The image suggested a ransom of $25 million had been demanded from London Drugs with a deadline set for Thursday, adding that the retailer was so far “only willing to pay 8 million.”
London Drugs’ statement says it’s unable to “provide specifics on the nature or extent of employee personal information potentially impacted.”
“Through our ongoing investigation, we are now aware that London Drugs has been identified by cybercriminals on the Dark Web as a victim of exfiltration of files from its corporate head office, some of which may contain employee information,” it says.
London Drugs closed all 79 of its stores in B.C., Alberta, Saskatchewan, and Manitoba on April 28, when it became aware of the cyberattack.
They did not all reopen until May 7.
It was part of a series of hacking incidents that included what the B.C. government called a “sophisticated” attempt by criminals to breach its own information systems, and the hacking of B.C.’s library systems by extortionists who sought a ransom to not release the data.
