The CEO of Royal Mail Simon Thompson admitted on 17 January 2023 that the company was experiencing a major “cyber incident”. The cyberattack, which began the previous week, blocked overseas post and parcels. However, Simon Thompson refused to give any technical details while the investigation is underway.
A LockBit affiliate is thought to be behind the attack, although the cybercrime group has not claimed responsibility. A ransomware is thought to have blocked the information system that Royal Mail uses to handle the slips needed to send parcels overseas. Reception of letters from abroad saw minimal disruption, and the distribution of domestic post carried on as normal.
On 18 January 2023, Royal Mail said that it had resumed the despatch of letters that do not require a customs declaration to all international destinations. The company had also resumed sending limited volumes of parcels overseas. But it recommended that customers refrain from sending new parcels.
Furthermore, Royal Mail said that it continued to work with external experts, security authorities and regulators to mitigate the impact of the cyber incident. The National Crime Agency (NCA) and the National Cyber Security Center (NCSC) were also consulted.