- Select a language for the TTS:
- UK English Female
- UK English Male
- US English Female
- US English Male
- Australian Female
- Australian Male
- Language selected: (auto detect) - EN
Play all audios:
The Russian-linked LockBit ransomware gang has claimed responsibility for the Royal Mail cyberattack and is threatening to publish the data it stole from the U.K. postal giant. Royal Mail,
which has been battling a cyberattack since January 10, was added to LockBit’s dark web leak site on Monday. The listing, seen by TechCrunch, doesn’t say how much or what types of data have
been stolen from Royal Mail, but LockBit is threatening to publish “all available data” on February 9. This suggests that the ransomware gang’s ransom demand — the amount of which remains
unknown — has not been paid. Royal Mail has yet to acknowledge the LockBit ransomware attack, but Royal Mail spokesperson Mark Street told TechCrunch that the company is aware that “an
unauthorized third-party has said it plans to publish some data allegedly obtained from our network.” Street added that Royal Mail believes the “vast majority of this data is made up of
technical program files and administrative business data,” adding that “all of the evidence suggests that this data contains no financial information or other sensitive customer
information.” Royal Mail’s chief executive previously said it was believed that no customer data had been stolen as part of the attack. LockBit’s public-facing representative LockBitSupp,
who previously denied involvement in the Royal Mail attack and blamed it on other threat actors using LockBit’s leaked builder, did not respond to TechCrunch’s questions. The Information
Commissioner’s Office, the U.K.’s data watchdog, confirmed to TechCrunch that it had been made aware of the incident. “Royal Mail has made us aware of an incident and we will be making
enquiries,” said an ICO spokesperson, who did not provide their name. Royal Mail said it continues to experience service disruption as a result of the incident, now more than a month ago. In
an update dated February 7, the company said that while it continues to “make progress” by using alternative solutions and systems not affected by the cyberattack, it remains unable to
process international parcels at Post Office branches across the United Kingdom. “Royal Mail is still asking customers to buy postage online before heading to their Post Office branch to
drop off their items, as it remains unable to process any new parcels bought over the counter,” the company said. “Our teams are continuing to work around the clock to reinstate remaining
export services as quickly as we can.” Some reports claimed that Royal Mail was the target of ransomware that compromised machines used to print customs labels for parcels sent to overseas
destinations. Royal Mail ships to more than 200 countries and territories, and sent about 200,000 parcels overseas every day last year, according to the BBC. The latest development in the
Royal Mail cyberattack comes just days after LockBit claimed responsibility for a ransomware attack on Ion Group, a Dublin-based software company that helps financial institutions automate
their critical business processes. A representative for LockBit told Bloomberg that the ransom was paid and that the gang had provided a decryption key to unlock the compromised computers.
Ion spokesperson Suezelle D’Costa declined to comment when approached by TechCrunch. > Royal Mail warns of severe disruption after ‘cyber incident’
