Hackers that have compromised Royal Mail’s data engine in a ransomware attack announced on Wednesday have issued a ransom for payment to stop the data being leaked.
The culprits are a criminal gang called LockBit. Acknowledging the disruption, Rail Mail stated it was seeing a severe impact on its operations to ship packages and letters internationally, asking for parcels not be posted until after the matter is resolved.
Despite this, import operations will “perform a full service with only some minor delays”. “Our teams are working around the clock to resolve this disruption and we will update customers as soon as we have more information”.
Lockbit is thought to operate from Russia. The Financial Times has reportedly obtained proof of the ransomware attack. In an address to Parliament, Royal Mail CEO Simon Thompson said: “We’ve confirmed that we’ve had a cyberattack”, although he believes that LockBit are mounting pressure compounded already by strike action despite not actually having compromised any data.
Lockbit has unleashed attacks affecting over 40 organisation in the last month but Royal Mail is so far the largest scandal-hit company, which harbours a customer base of 29 million addresses across the UK. At a distribution centre in Northern Ireland, workers have reported that printers involuntarily printing notes reading ““your data are stolen and encrypted”.
Royal mail does harness a customer-facing digital identity interface (EasyID) to confirm customers when they collect parcels.