London Drugs has confirmed that files stolen by hackers during a cyberattack in April have been leaked onto the dark web.
“London Drugs has been named by cybercriminals as a victim of exfiltration of files from its corporate head office, and we are aware that some of these exfiltrated files have now been released,” the company said in a Thursday statement.
“We want to reiterate that London Drugs is unwilling and unable to pay ransom to these cybercriminals.”
Global News has viewed some of the material, which includes highly personal information on London Drugs employees, including medical and human resources files.
Cybercriminals infiltrated the company’s network on April 28 with a ransomware attack, forcing it to shutter its nearly 80 stores across western Canada for more than a week.
Earlier this week, infamous ransomware operation LockBit claimed responsibility for the attack, posting a $25 million ransom with the threat to release stolen data if it wasn’t paid within 48 hours.
The attackers now appear to have made good on that threat.
“We acknowledge that some of these files may contain some employee information — this is deeply distressing and London Drugs is taking all available steps to mitigate any impacts from these criminal acts,” London Drugs said.
“As previously stated, we have no indication to date of any compromise of patient or customer databases; nor do our primary employee-specific databases appear compromised.”
Cybersecurity experts say there was no easy way out of the situation for London Drugs.
“This group is known to lie about things,” Chester Wisniewski, global field CTO and director at Sophos told Global News.
“In the past, they’ve promised to delete information if the victim pays the ransom, and
Read more on globalnews.ca