London Drugs Rejects $25M Ransom Demand, Hackers Leak Data
Western retailer London Drugs has confirmed that a criminal group targeting the company has released stolen employee data that was previously held for ransom. London Drugs is an authorized reseller of Apple products and of numerous wireless services from telecoms.
In a statement to CityNews, the company said, “London Drugs has been named by cybercriminals as a victim of exfiltration of files from its corporate head office, and [it is] aware that some of these exfiltrated files have now been released.”
The company further acknowledged that some of the leaked data might contain personal information of its employees.
“We acknowledge that some of these files may contain some employee information – this is deeply distressing and London Drugs is taking all available steps to mitigate any impacts from these criminal acts, including notifying all current employees whose personal information could be potentially impacted and providing them with complimentary credit monitoring services and identity theft protection.”
The ransomware group LockBit posted links to files containing employee data on the dark web Thursday afternoon. The group had initially demanded $25 million from London Drugs in exchange for the stolen data, which was taken during an April cyberattack that closed retail stores for days. LockBit threatened to leak employee information if the ransom was not paid.
#LockBit has released what it claims is data related to #LondonDrugs. #ransomware pic.twitter.com/cvcsigHK0m
— Brett Callow (@BrettCallow) May 23, 2024
London Drugs has not confirmed the specifics of the released documents but reiterated its stance against paying the ransom.
“The perpetrators demanding the ransom first posted on Tuesday,” said Emsisoft cyber threat analyst Brett Callow, noting that the leaked files total “more than 300 gigabytes” in size, which he described as “a huge, huge amount.”
“London Drugs made absolutely the right decision in refusing to pay,” said Callow. “All they would have got in exchange for their money is a pinky-promise from the cybercriminals — untrustworthy, bad-faith actors — that the data would be destroyed. There’s no reason to believe that they actually do that. In fact, there is ample evidence that they do not. Law enforcement was actually able to hack into LockBit’s infrastructure a couple of months ago, and they found data stolen from organizations that had actually paid to have that data deleted.”
He advised employees whose information was leaked not to worry excessively, calling it “alarmist” to assume the worst.

Cheaper to pay for credit monitoring than paying $25M..
More expensive to regain/rebuild your credit and identity after it’s been stolen and pay lawyers’ fees as a result of a class action lawsuit. You’re such an ignorant tool.
Proactive measures like credit monitoring can prevent much larger expenses and complications down the line. The cost of dealing with identity theft, credit restoration, and legal fees from class action lawsuits can be overwhelming. It’s about minimizing risk and protecting oneself from potential financial and legal hardships. You seemed pissed that LD didn’t want to pay the $25M. You’re not part of LockBit, are you?
Cheap bastards. If the public’s data was compromised and released instead of just their employees, the outcome would’ve been very different.
In past cases where the hacking group in question was paid the ransom, they released the data anyway. Paying the ransom only emboldens them. There is no guarantee they will delete the data and given how unscrupulous they are, one would have to be incredibly foolish to take them at their word. There’s no use in shutting the barn door after the horse has already bolted.
LD shouldn’t pay, no one should pay. They are extortionist criminals.