UK Cyber-Crime Agencies Probing Suspected Royal Mail Attack

Royal Mail said it’s working with Britain’s cyber-security agencies to resolve an incident that has effectively halted overseas postal and parcel deliveries.

(Bloomberg) — Royal Mail said it’s working with Britain’s cyber-security agencies to resolve an incident that has effectively halted overseas postal and parcel deliveries.

The UK business warned Wednesday that people should hold off on posting export items after a cyber incident triggered “severe service disruption,” rendering it unable to dispatch to international locations. A spokesman said Thursday that the situation has yet to be resolved.

“Our teams are working around the clock to resolve this disruption and we will update customers as soon as we have more information,” Royal Mail said in a statement. “We immediately launched an investigation into the incident and we are working with external experts.”

Britain’s National Cyber Security Centre, which helps companies avoid attacks and minimize harm where they do occur, said on its website it’s cooperating with Royal Mail and the National Crime Agency “to fully understand the impact” of the event.

Royal Mail said the incident revolves around software that creates digital dockets for export deliveries, warning that some customers may experience delays to items already shipped.

Domestic business, which accounts for the bulk of operations, isn’t affected. The import arm scans items in separately and is continuing to offer a full service, albeit with minor delays.

‘Core Systems’

There are also only slight delays at Parcelforce, Royal Mail’s express courier division, which includes an international service.

Paul Holland, chief executive officer of secure digital communications specialist Beyond Encryption, said the immediate impact on Royal Mail operations suggests the company suffered “an attack on their core systems.”

He said in an email that it’s difficult to predict how quickly the situation will be resolved, though there’s a likelihood of significant long-term effects.

The cyber incident comes as Royal Mail grapples with a wave of industrial action over pay for delivery and sorting-office staff as higher inflation increases living costs.

Workers are also resisting plans to cut jobs and refocus rounds on the late afternoon and evening while increasing weekend deliveries, in order to better address the burgeoning market for next-day parcel deliveries tied to a boom in online purchasing.

Shares of Royal Mail parent International Distributions Services Plc traded little changed as of 11:06 a.m. in London on Thursday, after dropping 0.8% Wednesday.

(Updates with nature of incident in fifth paragraph, comment from cyber-security expert in eighth.)

More stories like this are available on bloomberg.com

©2023 Bloomberg L.P.