Confused shoppers milled outside a London Drugs store in downtown Vancouver on Monday, some wondering aloud why they couldn’t access the store to fill prescriptions or buy hair dye.
A metal gate prevented them from entering the store on the corner of West Georgia and Granville streets, and a security guard occasionally directed perplexed customers to a sign announcing the “temporary closing of the store.”
He wasn’t alone: London Drugs closed all of its stores in Western Canada on Sunday due to a “cybersecurity incident.”
In a statement Monday, the retail and pharmacy chain said it learned it was the victim of a cyber incident on Sunday, when it first closed its stores “out of an abundance of caution.”
“Upon discovering the incident, London Drugs immediately took countermeasures to protect its network and data, including engaging external cybersecurity experts to assist with containment, remediation, and conducting a forensic investigation,” the company said.
“At this time, we have no reason to believe that customer or employee data was affected.”
The sign on the downtown Vancouver store said it was closed until further notice, but pharmacists were ready to address urgent needs.
It included a number to call for help, and the chain said in its statement that pharmacists were still available, but when The Canadian Press called the automated system Monday morning, the line abruptly disconnected.
Retailer London Drugs is closing stores in Western Canada due to a “cybersecurity incident.” #cybersecurity #cybercrime
The retailer later issued an update saying its phone lines were also temporarily cut, “as a necessary part of its internal investigation.”
Until they are restored, customers who urgently need medication should go to their local store in person, he said, and staff will be available to help them.
The retailer has not offered a timeline for when its stores will be able to reopen.
Canada Post confirmed Monday that offices located inside London Drugs stores are being affected by the closure, but said customers who have packages waiting can pick them up at the stores.
“Employees will be present to assist you at the main entrance of the store,” it said in an email. “If customers are required to pay any shipping costs, they will need to pay in cash.”
London Drugs, a Richmond, British Columbia-based company that opened its doors in 1945 with a name intended as a nod to England’s capital, sells everything from pharmaceuticals to groceries and electronics.
It has more than 80 stores in Alberta, Saskatchewan, Manitoba and BC.
“We apologize for any inconvenience caused and want to assure you that this incident is the top priority for us at London Drugs,” the company said in its statement.
The incident facing London Drugs comes a month after discount chain Giant Tiger Stores Ltd. reported that some of its customer data was compromised in an “incident” linked to a third-party vendor it uses.
In the past two years, Indigo Books & Music, the LCBO, the Nova Scotia government, the Toronto Public Library and the City of Hamilton in Ontario have also been victims of cyber incidents.
The country recorded 74,073 police-reported cybercrimes in 2022, up from 71,727 in 2021 and 33,893 in 2018, Statistics Canada data shows.
Experts have long warned that cybercrimes tend to go underreported due to the stigma, shame and repercussions victims often experience.
Cybersecurity expert Jon Ferguson said the London Drugs breach was “obviously significant” enough to shut down the business for several days.
Although the company has not provided details about what happened, it said it was likely “some type of ransomware.”
“A data leak after some type of request for money,” he explained. “If you want to play with the percentages, that’s probably what’s happening here in some way.”
He noted that it could also possibly be due to a lack of ability to process payments, building management or security systems or some other type of data breach.
“The biggest question and threat that people are trying to assess right now is (whether there was) loss of personal information,” he said, noting that London Drugs had said they did not believe personal data had been breached.
Ferguson, vice-president of cybersecurity and domain name system at the Canadian Internet Registration Authority, said cybersecurity attacks are a “constant,” especially in the health care sector because the breach of private information gives bad actors actors an advantage to carry out personalized and credible phishing attacks. .
“It’s very difficult today not to do business with a company that has had some kind of impact because it’s so prevalent these days,” he said.
Ferguson said the London Drugs situation served as a reminder to both businesses and individuals to protect themselves against cyberattacks, including updating software on devices and using two-factor authentication.
“Organizations of any size and individuals are susceptible to this type of problem,” he said. “We need to focus on being proactive rather than footing the bill when bad things happen.”
This report by The Canadian Press was first published April 29, 2024.