Royal Mail CEO Simon Thompson has confirmed that a cyberattack is to blame for the ongoing disruption at the U.K. postal giant.
The admission comes almost a week after Royal Mail first said it was hit by an unspecified “cyber incident” that left the British mail service unable to dispatch items to overseas destinations.
“We’ve confirmed that we’ve had a cyberattack,” Thompson told a U.K. parliamentary committee on Tuesday in response to questions from lawmakers. Thompson added that while the mail service believes that no customer data was compromised in the attack, the organization is prepared for that situation to change and has already notified the U.K. data protection regulator, the Information Commissioner’s Office, as a precaution.
Thompson — who gave evidence to lawmakers during a session about Royal Mail’s ongoing dispute with its union workers — declined to comment on specifics of the cyberattack, claiming that discussing details of the incident would be “detrimental” to the ongoing investigation. Thompson said that the postal service continues to experience disruption to its international export services following the cyberattack.
Royal Mail has yet to confirm when this disruption is likely to end — compounded by existing backlogs and delays that have arisen from strike action — but Thompson said a “workaround” should be available soon.
“For export parcels and letters through our postal services… we are no longer able to provide that service,” he said. “The team have been working on workarounds so that we can get the service up and running again.” Thompson added that the Royal Mail will have “more news to share” soon.
There remains plenty of unanswered questions about the Royal Mail’s cyberattack, such as the nature of the incident and who is responsible.
Some media reports have claimed that Royal Mail was the target of ransomware that compromised machines used to print customs labels for parcels sent to overseas destinations. A public-facing representative for LockBit, a ransomware group accused of launching the attack on the postal service, initially denied involvement, and pointed blame to other hackers using the gang’s leaked ransomware builder software. Brett Callow, a ransomware expert and threat analyst at Emsisoft, shared a post from the LockBit representative seemingly admitting that LockBit affiliates were responsible for the attack.
TechCrunch has yet to verify LockBit’s involvement, and Royal Mail has not been listed on the gang’s dark web leak site. When reached by email, Royal Mail spokesperson Mark Street declined to comment.
Okta has confirmed that it’s responding to another major security incident after a hacker accessed its source code following a breach of its GitHub repositories. The identity and authentication giant said in a statement on Wednesday that it was informed by GitHub about “suspicious access” to its code repositories earlier this month. Okta has since […]
Google’s cell network provider Google Fi has confirmed a data breach, likely related to the recent security incident at T-Mobile, which allowed hackers to steal millions of customers’ information. In an email sent to customers on Monday, obtained by TechCrunch, Google said that the primary network provider for Google Fi recently informed the company that there had been suspicious […]
Facebook announced today that it’s introducing more comment moderation tools and controls to make it easier for creators to manage conversations on the social network. Creators will now be able to search comments by keywords, including emojis, commenter names and dates, on their posts and take bulk actions, such as liking or hiding. These new […]
Leave a Reply