Skip to main content

London Drugs stores remain closed Monday after 'cybersecurity incident'


Dozens of London Drugs stores across Western Canada remained closed Monday following what the company described as a "cybersecurity incident" over the weekend.

The company abruptly closed all locations in British Columbia, Alberta, Saskatchewan and Manitoba after detecting the cyberattack on Sunday.

London Drugs cited an "abundance of caution" for the decision to shutter stores on Sunday, and provided a statement reiterating that reason for the ongoing closures on Monday morning.

"At this time, we have no reason to believe that customer or employee data has been impacted," the company wrote.

A public relations firm representing the pharmacy and retail chain could not provide any further information on the cyberattack, or give an estimated timeline for reopening.

London Drugs has promised pharmacists will continue working throughout the closures to help customers with urgent needs at every location.

"Pharmacy staff are on-site at all London Drugs locations to support customers with urgent pharmacy needs. We advise customers to visit their local store in-person for immediate support," the company said.

The company's automated prescription request system was unavailable as of Monday morning, and in the afternoon all phone lines were taken offline.

London Drugs said the phones were disconnected as a "necessary part of its internal investigation."

What happened?

No details on the nature of the cyberattack have been shared with the public, but the statement from London Drugs described the company as a "victim" of an undisclosed incident.

"Upon discovering the incident, London Drugs immediately undertook countermeasures to protect its network and data, including retaining leading third-party cybersecurity experts to assist with containment, remediation and to conduct a forensic investigation," the statement added.

"We apologize for any inconvenience caused and we want to assure you that this incident is the utmost priority for us at London Drugs."

David Shipley, the CEO of Beauceron Security, said the company’s response suggests it may be dealing with a ransomeware attack, which involves the use of malicious software in an effort to extort an individual or business.

"If it was a classic theft of information, you wouldn't see the stores closed," Shipley told CTV News. "This is the classic ransomware response playbook – contain it, figure it out, investigate it and respond."

The incident comes weeks after a major ransomware incident in the U.S. that disrupted prescription deliveries for days, Shipley noted, adding that pharmacies store a "laundry list" of highly sensitive information.

"Pharmaceutical information is among the most sensitive personal health information available – prescriptions for things like HIV/AIDS drugs, cancer treatments, sexually transmitted infections," he said.

If the information were to be posted online or sold, Shipley said it could be used for any number of potential frauds, such as dressing up spam emails with personal information to make them appear more legitimate.

"It opens up a wealth of criminal opportunities," Shipley said. Top Stories

Stay Connected