Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Pharmacy. Show all posts

LockBit Ransomware Gang Claims Responsibility for London Drugs Cyberattack






In a recent turn of events, the LockBit ransomware gang has claimed responsibility for the cyberattack on Canadian pharmacy chain London Drugs, which occurred in April. The cybercriminals are now threatening to release sensitive data online after reportedly unsuccessful negotiations with the company.

London Drugs, which employs over 9,000 people across 80 stores in Alberta, Saskatchewan, Manitoba, and British Columbia, was forced to shut down all its retail locations following the April 28 cyberattack. At the time, the company assured the public that there was no evidence indicating that customer or employee data had been compromised.

Despite these reassurances, the LockBit gang has now listed London Drugs on its extortion portal, threatening to publish stolen data unless a $25 million ransom is paid. London Drugs, however, has stated that they are both unwilling and unable to meet this ransom demand.

On May 9, Clint Mahlman, London Drugs' President and Chief Operating Officer, reiterated that a forensic investigation conducted by third-party cybersecurity experts found no evidence of compromised customer databases, including health data. Nevertheless, as a precautionary measure, the company has notified all current employees and offered 24 months of complimentary credit monitoring and identity theft protection services.

The company’s website remains down, displaying an error message indicating an internal server issue. London Drugs has acknowledged that the ransomware gang's claims about stealing files from its corporate head office could potentially include employee information, although they have not provided specifics on the nature or extent of the data possibly impacted.

LockBit, a ransomware-as-a-service operation that surfaced in September 2019, has a notorious history of targeting high-profile organisations worldwide. Despite a significant law enforcement operation in February 2024 that dismantled part of their infrastructure and seized numerous decryption keys, the gang continues to be active. They have moved to new servers and dark web domains, continuing to launch attacks and release stolen data.

The ransomware group has stated that negotiations with London Drugs initially involved an offer of $8 million from the company, a claim for which they provided no evidence. London Drugs maintains that they did not offer any ransom and continues to take all available steps to mitigate the impact of the cyberattack.

Shawnigan Lake-based threat analyst Brett Callow noted that his cybersecurity company, Emsisoft, was immediately aware of LockBit's listing due to their dark net tracking tools. He emphasised the real risk that LockBit might follow through on their threat to release the stolen data.

Authorities have highlighted that LockBit, dominated by Russian-speaking individuals, has no known connections to state-sponsored activities. The ransomware group has previously been linked to several high-profile attacks, including those on Boeing, the Continental automotive giant, and the UK Royal Mail.

London Drugs continues to investigate the extent of the breach and is in contact with relevant authorities. The company has also reassured that it will notify affected individuals in compliance with privacy laws should any customer or employee data be found compromised.

The ongoing saga of LockBit's attacks is a telling marker of the persistent threat of ransomware, stressing upon the importance of robust cybersecurity measures and proactive responses to such incidents.


Locking Down ChatGPT: A User's Guide to Strengthening Account Security

 



OpenAI officials said that the user who reported his ChatGPT history was a victim of a compromised ChatGPT account, which resulted in the unauthorized logins. OpenAI has confirmed that the unauthorized logins originate from Sri Lanka, according to an OpenAI representative. According to the user, he logged into his ChatGPT account from Brooklyn. 

In the leaked private conversation, the employee appeared to be troubleshooting an app; the name of the app and the location where the problem occurred were also listed. According to reports in ArsTechnica, there is a report that private conversations on ChatGPT were leaked. 

Among the details leaked are login credentials and other personal information of unrelated users. The report also provided screenshots submitted by the alleged hacker of the account. Several screenshots have been shared, including several pairs of passwords and usernames that appeared to be related to a support system that is used by pharmacy employees to assist with prescription drug ordering. 

Any personal data you share in your chat history can be accessed by hackers if your OpenAI account is hacked. Even though this makes perfect sense, it is very strange that you can gain access to information from other compromised accounts, especially in the context of security threats. 

When using OpenAI, you need to make sure you use a strong password to secure your ChatGPT history as it does not provide multi-factor authentication. To ensure that your OpenAI account is secure, you will need to follow basic security measures similar to those that you would take with any other online account. 

Almost everybody does not want to memorize a long passphrase, which includes letters, numbers, symbols, and cases, not to mention a different passphrase for every account. This is why there are password managers out there. 

It is important to note that if you do not use the built-in password manager on your phone, laptop or browser, you will want to visit the Best Password Managers page for help in choosing the best password manager for your situation. If you suspect any account may have been compromised, you should change your password immediately to a long, unique passphrase. 

The user, Chase Whiteside, has since changed his password but is not convinced that his account has been compromised. According to him, he used a password with nine characters, including upper-case letters and lower-case letters, plus special characters, as well as special characters, but he said he didn't use it anywhere else but for his Microsoft account. 

When he briefly stopped using his account on Monday morning, the chat histories of other people appeared all at once. Hence, OpenAI's explanation suggests the initial suspicion that ChatGPT leaks chat histories to unrelated users may not be accurate. 

Despite these shortcomings, the report notes that the website does not contain an option for users such as Whiteside to protect their accounts using two-factor authentication or track details such as the IP address of their current and recent logins - both of which have been standard across most major platforms for some time. 

According to a November paper published in the journal Science, researchers showed how queries were used to prompt ChatGPT into divulging information that was contained within the material that was used to train the ChatGPT large language model, such as email addresses, phone numbers, fax numbers, and physical addresses. 

Several companies, including Apple, have restricted the use of ChatGPT and similar services by their employees for fear of sophisticated or proprietary data leaks among employees. There are a number of reasons for this restriction.