LockBit claimed the attack on London Drugs and demanded $25 million ransom (reportedly offered $8 million). All 79 Western Canada stores closed 28 April–7 May 2024. Corporate head office data exfiltrated including internal employee records, immigration applications, sexual harassment complaints, and termination letters. No patient or customer databases confirmed compromised. London Drugs refused to pay. LockBit published the data. 24 months of complimentary credit monitoring offered to all current employees. Attack came roughly 3 months after law enforcement disrupted LockBit’s infrastructure in Operation Cronos (Feb 2024).