London Drugs says it's unwilling to pay ransom demanded by hackers

RICHMOND, B.C. — Retailer London Drugs says it’s “unwilling and unable” to pay a multimillion-dollar ransom to cybercriminals who declare to have stolen information in a hacking assault that just lately shut down its shops for greater than per week.

The firm says in an announcement that the criminals might leak stolen company recordsdata containing worker info on the darkish internet, calling the scenario “deeply distressing.”

It says it notified all workers and is offering them with two years of credit score monitoring and identification theft safety companies.

The retailer was responding to a picture posted on the social media platform X, connecting the London Drugs assault to a ransomware group known as Lockbit.

The picture urged a ransom of $25 million had been demanded from London Drugs with a deadline set for Thursday, including that the retailer was to date “only willing to pay 8 million.”

London Drugs’ assertion says it’s unable to “provide specifics on the nature or extent of employee personal information potentially impacted.”

“Through our ongoing investigation, we are now aware that London Drugs has been identified by cybercriminals on the Dark Web as a victim of exfiltration of files from its corporate head office, some of which may contain employee information,” it says.

London Drugs closed all 79 of its shops in B.C., Alberta, Saskatchewan, and Manitoba on April 28, when it turned conscious of the cyberattack.

They didn’t all reopen till May 7.

It was a part of a sequence of hacking incidents that included what the B.C. authorities known as a “sophisticated” try by criminals to breach its personal info methods, and the hacking of B.C.’s library methods by extortionists who sought a ransom to not launch the information.