Royal Mail, the UK postal service, experienced a cyberattack on March 31, leading to the alleged exfiltration of 144 GB of data. Although the postal service systems remained unaffected, compromised data purportedly included confidential documents, personal customer information, delivery addresses, Zoom meeting recordings, MailChimp mailing lists, and a WordPress SQL database. An investigation is ongoing to determine the impact of the breach on Spectos, a Royal Mail supplier. Only a single email address was confirmed among the exposed data, according to Cybernews researchers, suggesting the effects may be limited.

Royal Mail Hit by Russia-Linked Ransomware Attack, Disrupting International Deliveries Royal Mail, a critical part of the UK’s national infrastructure, has been targeted in a ransomware attack linked to Russian cybercriminals, causing severe disruptions to international mail services. The incident, first reported on Wednesday, has left the postal service unable to send letters and parcels overseas, with no immediate resolution in sight. The attack, attributed to the LockBit ransomware group, has encrypted Royal Mail’s back-office systems, which handle overseas dispatch, tracking, and tracing. While domestic deliveries remain unaffected, minor delays have been reported for incoming international post. A ransom note seen by the BBC warned that data had been "stolen and encrypted," with criminals likely demanding payment in cryptocurrency to prevent the release of sensitive information. The UK’s National Crime Agency (NCA) and National Cyber Security Centre (NCSC), part of GCHQ, are investigating the breach. Sources indicate that while the ransom demand could reach millions, workarounds are being developed to restore operations. Royal Mail has advised customers to avoid sending international mail until further notice, though some pre-existing shipments may still face delays. LockBit, a ransomware strain with strong ties to Russian cybercrime networks, has been used in numerous high-profile attacks globally. The group typically sets deadlines for payment, threatening to leak stolen data if demands are not met. The attack compounds existing challenges for Royal Mail, which has faced recent labor disputes and operational hurdles. The incident underscores the growing threat of ransomware to critical infrastructure, with potential ripple effects on businesses and individuals reliant on international postal services.

In January 2023, Royal Mail was hit by a ransomware attack by LockBit, halting international deliveries. While Royal Mail refused the £65.7m ransom, the financial repercussions were severe, including revenue losses and a £10m expense on ransomware remediation. The incident highlights the crippling financial consequences of ransomware on critical infrastructure like postal services.

Royal Mail's suffered a data breach incident after which its Click and Drop website was disabled as technicians work to fix a data breach that has allowed some customers to see other people's orders. The users were not able to dispatch anything today, as Click and Drop bugged out and started showing users other users' orders. However, it investigated the incident in order to fix the IT issue and resolve the services as soon as possible.