London Drugs begins to gradually reopen stores after cyberattack
London Drugs is gradually reopening its stores across Western Canada, six days after it shuttered all locations due to a "cybersecurity incident," the retail and pharmacy chain said.
It is working with its nearly 80 stores in British Columbia, Alberta, Saskatchewan and Manitoba individually to get them up and running, said the retailer, headquartered in Richmond, a suburban city about 16 kilometres south of Vancouver.
"We ask for patience as we work with each store to ensure it is operating fully to meet the needs of our customers, and therefore we will not be communicating which stores are opening and when," London Drugs said in a Saturday statement. "No interviews will be conducted at this time."
"We are continuing to work with our third-party cybersecurity experts to bring our systems online in a safe and secure manner," the company said.
On Sunday, 28 of the chain's 79 locations had reopened, according to its website. That includes 22 of its 52 stores in B.C.
Pharmacists are available at all stores for emergency prescription and urgent care needs, and Canada Post offices located within stores are also open, according to London Drugs.
Customers in need of pharmacy help are asked to visit stores in person for assistance. The Insurance Services Call Centre is also open to assist clients.
"We are grateful for the patience and support of our customers and suppliers as we work to bring all services and systems at our stores back to full operation following this cybersecurity incident," president and chief operating officer Clint Mahlman said in the statement.
WATCH | London Drugs locations shuttered by cyberattack:
The company closed all of its stores across Western Canada until further notice after the cyberattack was discovered on April 28. The retailers' phone system was also down earlier in the week.
London Drugs is rebuilding its data infrastructure with the help of third-party experts to bring its operations safely back online, according to the statement.
There are billions of lines of data and code to review, the retailer said, adding its teams have been working around the clock and are making progress.
"Any systems we are using have been thoroughly tested for safety and verified by third-party cybersecurity experts. We are only turning on systems we have full confidence are safe and secure."
The company said its investigation so far shows no evidence that customer databases have been compromised, including for pharmacy patients and its LDExtra members.
It said the impact of the breach on operations has been significant, and the restoration process is rigorous.
Experts have said the breach should be a wake-up call for large companies to take cybersecurity seriously and to train employees on how to spot potential attempts to infiltrate a company's systems.
Repairing customer relationships key, expert says
While some customers told CBC they are happy to see their local London Drugs stores up and running again on Sunday, one business expert noted there is hard work ahead for the company to repair its relationship with loyal shoppers.
Andrew Harries, the Tom Foord Associate Professor of Practice in Entrepreneurship and Innovation at Simon Fraser University, said although London Drugs handled the cyberattack professionally, it could have done more.
"You need to hold onto — and continue to show empathy and love — to your most loyal customers," he told CBC on Sunday. "You need to be over-communicating, so people say, 'holy cow, those guys are really showing me the love.'
"And I think that in this particular case the focus has been on what's happening at a relatively technical level, and that regular emotional relationship maintenance has not been present."
LISTEN | Local cybersecurity expert discusses London Drugs:
Harries says London Drugs needs to communicate clearly about when and where stores are open, and which services are available, through its loyalty program or in emails to customers. The chain could also consider promotions or discounts to encourage customers to return and shop at stores once they are open, he said.
Harries gave the chain credit for not reopening until its systems could do so safely, and said the cyberattack won't necessarily harm the company if it works hard to rebuild customer trust.
"The Canadian shopper is getting fed up with the big national chains and the prices that they're charging, [so] there's an opportunity for a locally owned company ... to come back stronger than ever," Harries said.