Employer providing '24 months of complimentary credit monitoring and identity theft protection services'
Some employee personal information was compromised recently at retail and pharmacy chain London Drugs in April, the employer has confirmed.
That’s because some head office files were compromised in the cyberattack that was reported on April 28.
“We are not yet able to provide any specifics on the nature of employee personal information potentially impacted,” read an internal memo to staff seen by Global News.
“This is because there are a large number of unstructured corporate files that are not in consistent format and each must be individually reviewed.”
The cyberattack led to the closure of 79 London Drugs retail stores across Western Canada in early May. The stores have since been reopened.
Ransomware and extortion incidents went up by 67% in 2023, and cases will further soar this year, according to the 2024 Global Threat Intelligence Report from NTT Security Holdings.
In response to the cyber incident, London Drugs is providing employees – whether affected by the attack or not – with “24 months of complimentary credit monitoring and identity theft protection services,” the employer said in a statement, according to both CBC and Global News.
London Drugs is also the process of reviewing the impacted data. The employer has also informed the relevant privacy commissioners of the compromised data, and it is working with third-party cybersecurity investigators and police to investigate the initial cyberattack.
Company president Clint Mahlman also told CBC that he would not reveal the exact nature of the attack to avoid putting the company at more risk.
"These attacks have very consistent patterns," he told the CBC's Ian Hanomansing in an exclusive interview on May 8, in which he referred to "international threat actors,” according to the report.
"One of those methods is they monitor media and they look at media, social media, customer speculation as forms of intelligence to further determine if they can attack us through different ways and through different leverage points."
The percentage of IT budgets dedicated to security is growing, according to a previous CDW report. However, more than a third of employees across the world confessed that their workplace security habits are risky, according to another report.