How would you manage the crisis comms after this cyber-attack?

Ever wondered just how bad a cyber-security breach could be for your organisation?

Have you considered that it could shut down your business for days?

That may sound like the sort of tough scenario we might create to push delegates during one of our bespoke crisis communication courses.

But it just happened outside of the training room. 

London Drugs – a Canadian store rather than a dubious weekend pastime - closed more than 80 stores across Canada for what it initially described as an “operational issue” and later confirmed was a “cyber security incident”.

The company sells pharmaceuticals, groceries and electronics, and it was more than a week before it could “gradually” reopen stores. At times, its phone system also went down.

It said the closures were made out of an “abundance of caution” – a horrible phrase bringing back memories of the pandemic when caution alone was no longer deemed to be enough. 

A post on X, formerly Twitter, said: “On April 28, 2024, London Drugs discovered that it was a victim of a cybersecurity incident. Out of an abundance of caution, London Drugs is temporarily closing stores across Western Canada until further notice.

“Upon discovering the incident, London Drugs immediately undertook counter measures to protect its network and data, including retaining leading third-party cybersecurity experts to assist with containment, remediation and to conduct a forensic investigation.”

The post went on to say that pharmacists are “standing by to support any customers with urgent pharmacy needs.”

And added: “We apologise for any inconvenience caused and we want to assure you that this incident is the utmost priority for us at London Drugs.”

It is not always easy to evaluate the effectiveness of a crisis response from the other side of the Atlantic.

But we won’t let distance get in the way of bringing you the latest crisis communication case studies.  

To its credit, the company responded quickly.

And it has continued to communicate and keep customers and the media updated – a crucial part of crisis communication.

Having pharmacists available for emergency prescriptions and urgent care needs would have helped reassure worried customers. 

And creating a page on its website of the stores that had reopened was an excellent crisis response move.

Other good crisis response steps have included an update letter to customers.

And a ‘thank you’ post to customers who “supported us during our store closures”.  

But it was not all positive.

There was a line in its statements that kept leaping out.

“No interviews will be conducted at this time.”

That’s not a line we like to see.

We understand cyber security incidents tend to be complex. And it may take time to know the scale of what has happened and what has been taken.

But these crises pose a massive risk to reputations and customer relationships, especially when stores are closed and services are unavailable. 

So, wouldn’t it be better to get in front of the media and try to take control of the story?

The longer you rely on statements, the more likely it is others will fill the void. And frenzied speculation and rumour can quickly replace facts.

The company’s president, Clint Mahlman, has since said the ‘no interviews’ approach was to prevent the release of information hackers could use.

 “We apologise to the media and our customers that we couldn’t have given more details that they want, but that’s our commitment to the safety and security of our systems and our customers,” he said.

But I don’t think customers want lots of technical information.

They want to know that the company cares, that their personal information is safe and that the company is doing everything possible to quickly get things back to normal.

Compassion and empathy are crucial parts of crisis media management responses and maintaining customer relationships.

And they can come through much more clearly from an effective crisis spokesperson than a series of statements – particularly when the language used in those statements is dry and formal.


The crisis communication checklist

Download your free step-by-step guide to responding when the worst happens

The story is a reminder that organisations of any size are susceptible to cyber-attacks. And that they must be included in crisis plans and risk registers.

It also highlights that recovery can be protracted and that operations will not necessarily be restored within 24 hours.  

London Drugs will not disclose how much the store closures cost, only saying it was a “very big and dramatic decision”.

Research from internet service provider Beaming says that cyber-crime cost UK business more than £30.5 billion in 2023.

It is also estimated that around 312,000 businesses and 27,000 charities in the UK were targeted by cybercrime in the past year.

Are you prepared?


Media First are media and communications training specialists with more than 35 years of experience.

We have a team of trainers, each with decades of experience working as journalists, presenters, communications coaches and media trainers.

Click here to find out more about our crisis communication training courses.


Our Services

Media First are media and communications training specialists with over 30 years of experience. We have a team of trainers, each with decades of experience working as journalists, presenters, communications coaches and media trainers.

Ways - Online learning
Ways - Videoconference
Ways - Blended
Ways - In-Person
Training by videoconference
Identifying positive media stories
How to film and edit professional video on a mobile
Media skills refresher
Blended media skills
TV studios
Crisis communications
Presentation skills and personal impact
Media training
Message development and testing
Presentation Skills Training
Crisis communication training
Crisis management testing
Leadership Communication Training
Writing skills training
Social media training
Online learning
Open Courses
Media myth-busting & interview ‘survival’ skills workshop

Recommended Reading

Crisis management — 6 June by Adam Fisher

Crisis comms lessons from ‘one of the largest hacks in history’

Your company is at the centre of one of the biggest data hacks in history. What do you do? How do you respond to the crisis comms incident? Do you stay quiet, hope the hack is not as bad as is…

Crisis management — 21 May by Adam Fisher

‘I’m not your mum’ – the video updates that triggered a crisis

Have you heard about the tech giant plunged into crisis media management mode by its PR boss? The story has created headlines across the globe and triggered new debate about workplace cultures. It…