LockBit demands $25 million from London Drugs in 48 hours

In April of this year, London Drugs faced a cyber attack, which led to the encryption of their servers. The company promptly announced its efforts to seek alternative methods to recover the stolen data in collaboration with law enforcement. However, following this disclosure, London Drugs maintained silence on the matter until recently, when hackers issued a formal demand: pay $25 million within 24 hours or risk the sale of the compromised data on the dark web.

Adhering to data protection laws, London Drugs will notify all affected individuals digitally about the attack and assure them of implemented security measures. The company pledges to cooperate with law enforcement guidance.

Despite the FBI’s prior advisory against yielding to hackers’ demands, London Drugs, a pharmaceutical firm with a global workforce exceeding 9,000 employees, spanning British Columbia, Manitoba, Alberta, and Saskatchewan, has yet to confirm any intentions to pay ransom. Their IT team is exploring alternative avenues to verify the legitimacy of the demands.

Meanwhile, the criminal group has claimed responsibility for the recent attack on the Italian Revenue Service (L’Agenzia Delle Entrate), promising to return the stolen data upon payment.

The history of the LockBit criminal gang dates back to September 2019 when it emerged as a Ransomware-as-a-Service (RaaS) operation. After rebranding as LockBit 2.0 in June 2021, the group persisted despite a joint FBI-Europol operation in February 2024, which seized their IT infrastructure. Undeterred, the group resurfaced as LockBit 3.0, continuing their ransom demands in Monero cryptocurrency.

It’s crucial for readers of Cybersecurity Insiders to recognize the resilience of such criminal entities, despite law enforcement interventions, underscoring the ongoing challenges posed by cyber threats.

Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display