LockBit Claims Recent Attack on London Drugs Pharmacy Chain

Yesterday, the notorious LockBit ransomware gang claimed responsibility for last month’s attack against Canadian pharmacy chain London Drugs.

The threat actors now threaten to leak data stolen during the attack after the company refused to negotiate with the digital assailants.

London Drugs Faced a Security Incident in April

London Drugs was targeted on April 28, forcing it to close all its stores across Western Canada. Despite the attack’s aggression, the company stated that there was no evidence it compromised customer or employee data.

On May 8, Clint Mahlman, the president and chief operating officer (COO) of London Drugs, doubled down on the statement after hiring third-party cybersecurity experts to lead a forensic investigation. According to Mahlman’s statement, the investigation found no evidence of leaked “customer databases, including our health data and LDExtras data.”

The pharmacy chain has since resumed operations in stores that were shut down, but its website is still offline, displaying an error message.

LockBit Listed London Drugs on Extortion Portal

Yesterday, the LockBit ransomware group listed London Drugs on its extortion website, attributing the April attack to themselves and threatening to publish the data they claim to have stolen from the company’s servers.

LockBit has not yet presented proof that they stole any files from the pharmacy chain’s servers, only stating that their negotiations with the company for a $25 million ransom have been unsuccessful.

Precautionary Measures Taken by the Company

As BleepingComputer reported, the company is aware of the ransomware gang’s claims to have stolen "files from its corporate head office, some of which may contain employee information,” but abstained from confirming or denying them.

Furthermore, the company acknowledged that the gang may leak stolen London Drugs corporate files on the Dark Web, possibly including employee information. As a precaution, the company notified all current employees and provided two years of complimentary credit monitoring and identity theft services.

Protecting Against Ransomware and Mitigating Data Breaches

Data breaches can wreak havoc on afflicted parties, whether it’s a big company like London Drugs or the individuals tied to it, such as employees or customers.

Using specialized software like Bitdefender Ultimate Security can protect against ransomware and other intrusions, including viruses, worms, Trojans, spyware, zero-day exploits and rootkits.

Additionally, Bitdefender Digital Identity Protection can help you monitor your online presence. It provides you with an overview of your online-available data, notifies you of breaches affecting your data, and lets you patch holes in your digital footprint instantly.