Earlier this week, the UK’s Royal Mail suffered a “severe service disruption” due to a cyber incident. The issue has disrupted only international shipping; domestic mail remains unaffected.
⚠️ Our statement on the incident affecting @RoyalMail Group this evening:
“We are aware of an incident affecting Royal Mail Group Ltd and are working with the company, alongside the National Crime Agency, to fully understand the impact.”
— NCSC UK (@NCSC) January 11, 2023
We're experiencing disruption to our international export services and are temporarily unable to despatch items to overseas destinations.
Please do not post any export items while we work to resolve the issue.
Sorry for any disruption this may cause.
— Royal Mail (@RoyalMail) January 12, 2023
Note
- To prevent massive backlogs, Royal Mail is asking customers to not post international items until further notice. They also subscription to service update emails so users can remain informed. The Royal Mail Label/Marking system used for international items was taken out by LockBit ransomware. It is not clear if this was the genuine LockBit, or another actor using the leaked LockBit 3.0 ransomware builder, which could mean the data is not decryptable. To add to the impact, Royal Mail is also involved in a dispute with the Communication Workers Union, over pay and conditions, and is threatening another strike; I bring this up as a scenario to consider in your BCP efforts. Understand where your fallback plan can fail and decide what you’re going to do if it happens now, rather than later, to include management buy-in.
Read more in
