Delivery disruptions from U.K. continue

A week after the U.K.’s Royal Mail experienced a “cyber incident,” the company says it is still experiencing “severe service disruption” to its outgoing international postal operations, with no clear end in sight.

Why it matters: The problems have prevented a large portion of mail from leaving the U.K., leaving businesses there who rely on the service scrambling, and leading to delays for recipients around the world, according to the BBC.

• The cyberattack affected a system used by Royal Mail to prepare letters and parcels for dispatch abroad as well as to track items shipped overseas, per the BBC.
• Problems with the system first emerged last Tuesday, and Royal Mail informed customers of the issue on Wednesday, advising them to refrain from sending mail abroad, a spokesperson for the company told Axios.
• “Our teams are working around the clock to resolve this disruption and we will update customers as soon as we have more information,” the spokesperson said in a statement Tuesday. “We immediately launched an investigation into the incident and we are working with external experts.”

The big picture: The U.K.’s National Cyber Security Centre said in a statement Wednesday that it was “aware of an incident” affecting Royal Mail and that it was working with company and the National Crime Agency “to fully understand the impact.”

• Royal Mail CEO Simon Thompson testified before a House of Commons panel Tuesday, saying that despite the attack, there had been no customer data breach, Bloomberg reported.
• “We have reported the incident to our regulators and the relevant security authorities,” the Royal Mail spokesperson told Axios. “We would like to sincerely apologise to impacted customers for any disruption this incident may be causing.”

State of play: The cyberattack was allegedly perpetrated by the ransomware gang LockBit, which used “encryption to lock computers, rendering them inoperable,” Bloomberg reported.

• LockBit was one of the most prolific ransomware gangs of 2022 and its continued success underscores the pervasive threat ransomware still poses despite years of government and industry investments to fight this type of cyberattack, Axios’ Sam Sabin writes.
• In the past few weeks alone, LockBit has claimed responsibility for cyberattacks on the Housing Authority of the City of Los Angeles and the Toronto-based Hospital for Sick Children, as well as a ransomware attack on the Port of Lisbon.
• A representative for LockBit denied involvement in the Royal Mail attack and laid blame on other hackers potentially using LockBit’s leaked ransomware building software, TechCrunch reported.
• The delays from the cyberattack have added onto earlier Royal Mail disruptions resulting from a worker’s strike in December, per the BBC.