Royal Mail cyber attackers threaten to publish stolen data

Cyber attackers who have targeted Royal Mail are threatening to publish stolen information online.

On Wednesday, the postal service warned customers of disruption due to a “cyber incident” affecting computer systems used to send items abroad.

The company reportedly received a ransom note appearing to be from LockBit, a hacker group thought to have close links to Russia.

According to multiple reports, a ransom note sent by the criminals to Royal Mail read: “Your data are stolen and encrypted.”

In a statement following the incident, the Royal Mail said: “We have asked customers temporarily to stop submitting any export items into the network while we work hard to resolve the issue.

“Some customers may experience delay or disruption to items already shipped for export. Our import operations continue to perform a full service with some minor delays.

“Our teams are working around the clock to resolve this disruption and we will update customers as soon as we have more information,” they continued.

“We would like to sincerely apologise to impacted customers for any disruption this incident may be causing.”

The ransom demand is understood to be in the millions, and the incident has been reported to the UK’s government-run National Cyber Security Centre, the National Crime Agency and the Information Commissioner’s Office.

open image in gallery

Ransomware is malicious computer software that encrypts data and locks systems, posing a persistent threat to organisations around the world, with attacks happening almost daily.

The Royal Mail has also been heavily impacted by strike action in recent weeks, with plans to approve further industrial action in a dispute over pay and working conditions.