Royal Mail outage: CEO confirms cyberattack

No data breach spotted - yet

As well as the cyberattack Royal Mail is also facing strike action by CWU members, leading to massive service disruptions

Image:
As well as the cyberattack Royal Mail is also facing strike action by CWU members, leading to massive service disruptions

Royal Mail CEO Simon Thompson has confirmed the ongoing disruption at the postal giant, which is still stopping people from sending packages overseas, is the result of a cyberattack.

"We've confirmed that we've had a cyberattack," Thompson told lawmakers in a hearing with the Business, Energy and Industrial Strategy (BEIS) committee on Tuesday.

Royal Mail has seen no evidence of a data breach so far, but has notified the UK Information Commissioner's Office (ICO), which oversees data privacy.

The BEIS committee hearing was held to discuss the continuing dispute between Royal Mail and its union employees, who have been striking in recent months.

Thompson declined to discuss the details of the attack, saying it would be "detrimental" to the ongoing inquiry.

However, he said Royal Mail would be able to provide more information "in the very, very near future".

Royal Mail has not indicated when the disruption will end, but Thompson said a "workaround" should be available shortly.

"For export parcels and letters through our postal services… we are no longer able to provide that service," he said.

"The team have been working on workarounds so that we can get the service up and running again."

There are still many unanswered questions about the Royal Mail cyberattack, including its nature and its perpetrators.

The incident first came to light last week when Royal Mail said that it was temporarily unable to deliver packages and letters internationally. The firm, which was privatised in 2013, urged customers not to post foreign export items until further notice, to avoid a build-up on the company's network.

A report by The Telegraph said Royal Mail was the target of a ransomware attack by the Lockbit gang, or at least someone using their encryptors. It also claimed the attack forced Royal Mail's printers, used for customs dockets, to print ransom notes, and encrypted systems used for international shipping.

Lockbit's public-facing representative initially denied participation, blaming other hackers for using the gang's leaked ransomware builder software.

However, Brett Callow, a threat analyst at Emsisoft, shared a post from the Lockbit representative that seemed to admit Lockbit affiliates were responsible for the attack.

Royal Mail has faced many challenges in the last year, including a series of strikes as part of a long-running dispute over salaries and working conditions.

Members of the Communication Employees Union (CWU), which represents over 115,000 Royal Mail postal workers, went on strike for 18 days last month over wages, jobs and working conditions.

The strike was also held on important shopping days during the Black Friday sales season.

At the hearing with the BEIS committee, CWU said Royal Mail is "waging war" against its employees, and that postal workers were being undermined and undervalued.

Throughout the dispute Thompson has come under heavy fire, notably from the company's previous CEO Rico Back, who called his lack of experience and expertise in logistics "a toxic mixture".