London Drugs refuses to pay ransom to global cybercriminals,
The Cyberattack on London Drugs by a Sophisticated Group of Global Cybercriminals
On Tuesday, London Drugs confirmed to the Times Colonist that it had fallen victim to a cyberattack orchestrated by a “sophisticated group of global cybercriminals.” These criminals managed to infiltrate the company’s corporate head office and steal electronic files. While the identity of the group responsible for the attack was not disclosed by London Drugs, ransomware syndicate LockBit claimed responsibility on a dark-web site where stolen information is typically posted.
LockBit Ransomware Syndicate Threatens to Release Stolen Data from London Drug
Shawnigan Lake-based threat analyst Brett Callow, from cybersecurity company Emsisoft, was quick to become aware of the listing on the dark net. This was possible due to trackers that Emsisoft has in place. LockBit claimed that London Drugs had offered to pay an $8 million ransom, although no evidence was provided to support this claim. Furthermore, LockBit did not disclose any details about the data they had allegedly stolen.
In response to inquiries from the Times Colonist, London Drugs stated that it was “unwilling and unable to pay ransom to these cybercriminals.” The company maintained its belief that no customer, patient, or primary employee databases had been compromised. However, it acknowledged that the investigation into the cyber incident was still ongoing. London Drugs assured that if any changes were discovered during the investigation, affected individuals would be notified in accordance with privacy laws.
London Drugs is taking all necessary steps to mitigate the impacts of the ransom attack. This includes notifying all current employees about the potential effects of the breach. Additionally, the company is offering 24 months of free credit monitoring and identity-theft protection services to those affected. However, London Drugs did not make anyone available for an interview on Tuesday.
According to Callow, there is currently no reason to believe that there is any connection between this cyberattack on London Drugs and the recent attacks on other B.C.-based organizations. These include the B.C. Libraries Cooperative and the three cybersecurity attacks on the provincial government since April 10. Callow emphasized that thousands of similar incidents occur every year, and while the government and London Drugs may have been in contact, it does not necessarily indicate a direct link between the attacks.
LockBit, the ransomware syndicate responsible for the attack on London Drugs, has a significant presence on the dark web. On Tuesday alone, the group had several dozen ransomware threats listed on its site. It is considered one of the most prolific ransomware syndicates globally, accounting for 23% of nearly 4,000 attacks reported last year, according to cybersecurity firm Palo Alto Networks.
The situation serves as a reminder of the ever-present threat of cybercrime and the importance of robust cybersecurity measures for businesses and individuals alike.
