Owner of Sobeys, Safeway stores tight-lipped on IT problems impacting pharmacies

CBC

November 8, 2022 at 3:53 p.m.·5 min read

Sobeys and other stores owned by parent company Empire are dealing with an information technology systems issue that has impacted some operations across the country. (Craig Paisley/CBC - image credit)

Two major Canadian food companies continue to keep mum about information technology problems that have plagued their operations for days and as the silence drags on, some experts say a ransomware attack could be behind the issues.

Empire Company, which owns 1,500 stores across Canada, including Sobeys, Lawtons, IGA, Safeway, Foodland, Needs and other grocery outlets, said Monday an "information technology systems issue" was causing some of its pharmacies to experience difficulty fulfilling prescriptions. Signs posted at some stores also said the gift card and Scene points systems were down.

The company has not released any further information about the issues affecting the chain, and did not respond to questions posed by CBC News on Tuesday.

Meanwhile, Maple Leaf Foods says it's continuing to grapple with the effects of a cybersecurity incident that began having impacts on its operations over the weekend.

The company says it's working with cybersecurity experts to resolve the issue and investigate the root cause of the incident.

"Our team has been working tirelessly in creating workarounds for affected systems and processes, and all of our sites ran yesterday," a statement from the company said Tuesday morning.

"However, the outage is continuing to create some operational and service disruptions that vary by business unit, plant and site."

The company has not explained the exact nature of the cybersecurity incident, or detailed how it has affected operations.

Silence may be telling

Ritesh Kotak, a cybersecurity adviser and tech analyst, told the CBC's Information Morning Nova Scotia on Tuesday he suspects a breach has taken place at both companies.

"Sometimes it's not the information they give us, it's what they don't give us. And when you use such vague language such as an 'IT incident' and then Maple Leaf Foods comes out and says no, it's a cybersecurity incident and we have hired recovery experts, makes me think that it's probably a third-party system that is used by grocery chains that had some sort of vulnerability in it that was exploited by hackers and hit with ransomware."

Kotak said sometimes it doesn't take much to put an entire system at risk.

"I would say the most dangerous thing you're probably going to do today is open email.… Sometimes it's literally as simple as clicking on a link, downloading something, and before you know it, your system is infected. But then it has a ripple effect where it literally goes and jumps from computer to computer, server to server, thus locking down and infecting entire infrastructures."

If ransomware — malicious software that locks down a system's data until ransom is paid — is indeed the issue facing Maple Leaf or Empire, Kotak said he believes companies should resist paying the ransom because there's no guarantee the hackers will relinquish control of the system, they may demand even more payments, and the money is often used to fund organized crime or terrorist activities.

"This money, it doesn't go to somebody in their basement. It's organized, it's sophisticated, there's entire networks and it goes on to fund nefarious activities."

'Nobody wants to admit that'

Most companies are reluctant to admit they've been hacked, says Carmi Levy, an independent technology analyst based in London, Ont.

"If you admit that you were hit by a ransomware attack, then you admit that you didn't invest enough in cybersecurity and you didn't take your clients' and stakeholders' data seriously enough. And nobody wants to admit that — it's like the modern day equivalent of the Scarlet Letter."

Robert Hudema with the Ted Rogers School of Management at Toronto Metropolitan University, agrees.

"This is totally embarrassing for a company, saying I was held hostage and I had to pay a fine," Hudema said. "A lot of companies are reluctant to spend money on things that are equivalent to fire extinguishers or alarms or things like that to prevent bad things from happening, and as a consequence, bad things happen."

But Levy said he believes it's a good thing when companies talk about cyberattacks because it normalizes the issue.

"It's a matter of when, not if that every company that we deal with will probably be affected by some sort of cybersecurity incident. So let's not write off the companies that are targeted. Let's recognize that this is a regular fact of life in the modern digital age and we could be victimized just as easily as anyone else."

Lack of transparency

Cybersecurity expert David Shipley of Beauceron Security said he has a lot of empathy for the IT teams and senior executives who have to deal with cybersecurity problems.

"This is probably the worst week of their lives," he told Information Morning Fredericton.

He said companies tend to clam up because they are facing pressure from their insurance companies, lawyers and regulators and concerns about share prices may also be hanging over their heads.

Shipley said there is also a tendency to "victim-blame" companies that are targeted by well-financed cybercriminals.

"The reality is, if it is a ransomware attack, these groups are run like international businesses and they're damned good at what they do and it's almost impossible to protect any organization 100 per cent of the time."

Shipley praised Maple Leaf for being transparent about its cybersecurity issue, and said companies such as Empire, which are publicly traded, may have to disclose any financial losses stemming from its IT issue in its quarterly or annual statements.

But he said there should be more disclosure and accountability from regulators, similar to the airline industry which must reports on incidents that affect safety and security.

"The reality is there are not a single law on the books that says that Canadians deserve to know what happens with this," he said.

"But we depend on food delivery even more than we depend on the airline industry and it impacts Canadians every single day. But we have zero accountability with that."

MORE TOP STORIES

HuffPost
New Poll Finds 1 Democrat Absolutely Trouncing Trump
Just one problem: This person doesn't seem interested in running, should the opportunity arise.
The Daily Beast
Obama Privately Goes Shaky After Offering to Prop Up Biden
Former President Barack Obama has reportedly told allies that Joe Biden’s disastrous debate performance has made his bid to win back the White House even tougher than it had been previously.The Washington Post reports that Obama gave a harsher private assessment of Biden’s chances of re-election following the debate despite publicly trying to ease concerns by tweeting that “bad debates happen.”The outlet reported that Obama “spoke directly with Biden by phone after last Thursday’s debate to offe
Miami Herald
Florida Keys sailboat was a floating house of horrors for children, cops say
Florida Keys police opened their investigation after the FBI arrested him.
The Canadian Press
Irish prime minister 'appalled' by Canadian tourist's death after alleged assault
MONTREAL — Ireland's prime minister says he's "absolutely appalled" by an assault in the country's capital that resulted in the death of a tourist from Montreal. Simon Harris on Wednesday described Neno Dolmajian's death in Dublin as "reprehensible" and "horrific" and told parliament the death is now being investigated as a murder. "I'm absolutely appalled at the recent vicious attack in Dublin city centre which resulted in the death of a young man, Neno Dolmajian, and my thoughts are with his l
The Daily Beast
Trump Caught on Video Claiming ‘Broken-Down’ Biden Has Quit: ‘It’s Kamala’
Donald Trump delivered a brutal assessment of Joe Biden’s performance against him in last week’s presidential debate, calling the president a “broken-down pile of crap” teetering on the verge of “quitting the race” in a video provided by a source to The Daily Beast.“He just quit, you know—he’s quitting the race,” Trump says, sitting in a golf cart. “I got him out of the—and that means we have Kamala.”Later in the clip, he fawns over Chinese President Xi Jinping, calling him “a fierce man, very t
HuffPost
Tyranny Expert Sums Up A Donald Trump Win With 2 Ominous Words
Timothy Snyder succinctly predicted what will happen “unless Trump loses.”
People
How Much Do Dallas Cowboy Cheerleaders Make? A Breakdown of Salaries Mentioned in “America's Sweethearts”
Netflix's docuseries 'America's Sweethearts: Dallas Cowboys Cheerleaders' has sparked conversations about the salaries of NFL cheerleaders
Entertainment Weekly
Karine Jean-Pierre, NBC's Kelly O'Donnell pause conference to call out journalist's 'inappropriate' Joe Biden joke
"That's inappropriate," O'Donnell said during the press conference, pointing behind her to an off-camera colleague.
Hello!
Prince Harry's cousin Lady Amelia Windsor is a festival babe in retro bikini and flares
Lady Amelia Windsor modelled a tiny bikini top with bold festival flares as she partied with friends at Glastonbury - see photos.
The Canadian Press
House Democrat is proposing a constitutional amendment to reverse Supreme Court's immunity decision
WASHINGTON (AP) — A leading House Democrat is preparing a constitutional amendment in response to the Supreme Court's landmark immunity ruling, seeking to reverse the decision “and ensure that no president is above the law.”
The Wrap
Stormy Daniels Notes if Trump Could Prove She Lied, ‘He’d Have Whipped His Junk Out a Long Time Ago’ | Video
The former adult actress talks to Rachel Maddow about her testimony in Trump's business fraud trial The post Stormy Daniels Notes if Trump Could Prove She Lied, ‘He’d Have Whipped His Junk Out a Long Time Ago’ | Video appeared first on TheWrap.
The Daily Beast
Daughter, Zara Tindall, ‘Shaken to the Core’ by Princess Anne’s Amnesia
Zara Tindall has been left “shaken to the core” by her mother Princess Anne’s mystery encounter with a horse which left her with a brain injury that has resulted in amnesia, according to a report.OK! Magazine says that Zara, 43, has been left freaked out by the incident which saw Anne, 73, also known as The Princess Royal, struck by a horse while she was out walking, alone, on Sunday, June 23, at her home, Gatcombe Park, in the Cotswolds.She was treated at the scene and then hospitalized for fiv
PA Media: UK News
‘Sex predator’ teacher facing jail
Rebecca Joynes, 30, had a baby with one of the two schoolboys she groomed.
Cosmo
Bikinis, sheer 'fits and hotel robes: Alix Earle nails the Italy holiday wardrobe
We have been loving the Instagram outfit pictures of Alix Earle's bikinis, crochet dresses and hotel robes complete with a hair towel from her holiday to Italy.
People
Firefighter Interrupted Ex's Date at Olive Garden with New Woman, Then Keyed Car Before They Vanished
Chandler Kuhbander and Raegan Anderson were found dead Sunday about 400 miles away, following a weeklong search
The Independent
Melania ‘cuts deal with Trump’ about her future role if he wins the White House
Melania plans to split her time between Washington DC and New York, where the couple’s son Barron Trump is expected to attend NYU
HuffPost
Robert F. Kennedy Jr. Faces Backlash For Photo Alleged To Be Barbecued Dog
Vanity Fair published a profile of the independent presidential candidate that included the alarming picture.
The Canadian Press
FACT FOCUS: Trump wasn’t exonerated by the presidential immunity ruling, even though he says he was
Former President Donald Trump on Tuesday misrepresented in a social media post what the U.S. Supreme Court’s Monday ruling on presidential immunity means for his civil and criminal cases.
Yahoo Canada Style
Connor McDavid’s fiancée Lauren Kyle celebrates upcoming wedding at bridal shower: See their relationship timeline
The pair are set to tie the knot this summer.
Simply Recipes
I Asked 5 Chefs To Name the Best Potato Chips, They All Said the Same Brand
The winner is crrrunchy!

Latest Stories