• United States



UK Editor

Royal Mail suffers “severe disruption” after cyber incident

Jan 11, 20232 mins

UK National Cyber Security Centre (NCSC) is aware of the incident affecting Royal Mail Group Ltd and is working with the company and the National Crime Agency to understand the impact.

malicious email with skull and crossbones
Credit: Natali Mis / Getty Images

The Royal Mail has suffered “severe disruption” to some of its services after experiencing a cyber incident. In a statement, the company – which provides mail collection and delivery services throughout the UK – announced that it was temporarily unable to despatch items including letters and parcels to overseas destinations due to unspecified cyber disruption. The UK National Cyber Security Centre (NCSC) said it is aware of the incident affecting Royal Mail Group Ltd and is that it is working with the company and the National Crime Agency to fully understand the impact.

Customers urged to stop submitting export items, import operations face minor delays

Royal Mail urged customers to temporarily stop submitting export items into the network as it works to resolve the issue. “Some customers may experience delay or disruption to items already shipped for export,” the company stated. “Our import operations continue to perform a full service with some minor delays. Our teams are working around the clock to resolve this disruption and we will update customers as soon as we have more information.”

The Royal said that it immediately launched an investigation into the incident and is working with external experts to assess it further. “We have reported the incident to our regulators and the relevant security authorities. We would like to sincerely apologise to impacted customers for any disruption this incident may be causing.”

CSO will follow this story and publish updates as more information becomes available.

Update: January 13, 2022: Cyber incident linked to Russian ransomware attack

On January 12, a report from the BBC claimed that the “cyber incident” the Royal Mail suffered was a ransomware attack linked to Russian criminals. “The ransomware used in the attack is “Lockbit”, according to a source close to the investigation,” the BBC wrote. The BBC also claimed to have seen a ransom note sent by the criminals to Royal Mail which read “Your data are stolen and encrypted.”

A Royal Mail spokesman declined to comment on whether the attack was ransomware, but repeated warnings to customers that there is no end in sight to delivery disruption.

UK Editor

Michael Hill is the UK editor of CSO Online. He has spent the past 8 years covering various aspects of the cybersecurity industry, with particular interest in the ever-evolving role of the human-related elements of information security. A keen storyteller with a passion for the publishing process, he enjoys working creatively to produce media that has the biggest possible impact on the audience.

More from this author