Ransomware group says it wants $25M from London Drugs | #ransomware | #cybercrime

Shawnigan Lake-based threat analyst Brett Callow said his cybersecurity company was aware of the demand “almost immediately” due to trackers on the dark net

A ransomware gang is threatening to release confidential data it claims to have stolen from London Drugs if it isn’t paid $25 million by Thursday.

The retailer and pharmacy chain closed all of its 79 stores in Western Canada after a cybersecurity breach was discovered on April 28.

Stores, including ones on Vancouver Island, weren’t fully reopened until May 7.

On Tuesday, London Drugs confirmed to the Times Colonist that the cyberattack was orchestrated by a “sophisticated group of global cybercriminals” that took electronic files from its corporate head office.

While the company did not name the group responsible for the attack, ransomware syndicate LockBit on Tuesday posted a notice on a dark-web site where stolen information is posted threatening to release the data it had stolen unless it was paid $25 million in the next 48 hours.

Shawnigan Lake-based threat analyst Brett Callow said his cybersecurity company, Emsisoft, was aware of the listing “pretty much straightaway” due to trackers the company has on the dark net.

LockBit claimed that London Drugs had offered to pay an $8 million ransom, without providing any evidence.

The group also did not provide any details about the data it claims to have stolen.

In response to questions from the Times Colonist, London Drugs said it is “unwilling and unable to pay ransom to these cybercriminals.”

The company reiterated that it believes no customer, patient or “primary employee” databases were compromised.

“Should this change as the investigation continues, we will notify affected individuals in accordance with privacy laws,” it said, adding that a review of the cyber incident is still ongoing.

London Drugs is taking “all available steps” to mitigate impacts from the ransom attack, including notifying all of its current employees of the potential effects, the statement said.

It is providing 24 months of complementary credit monitoring and identity-theft protection services, the statement said.

The company did not make anyone available for an interview Tuesday.

London Drugs has more than 8,000 employees, according to its website.

more to come

[email protected]

Source link


National Cyber Security