Some letters received by Royal Mail in Northern Ireland are being sent to Scotland following a suspected cyber-attack, sources have said.
he service is still dealing with the aftermath of an alleged Russian hack which has severely affected operations.
Mail housed in the Mallusk depot, which was hit by a ransom attack earlier this week, is being shipped to Scotland in the hopes it can be processed and distributed, a company source said.
On Wednesday evening, Royal Mail confirmed some of its UK operations suffered a “cyber incident”. It is purported to be from LockBit, a hacker group believed to have close links to Russia.
Printers in the sorting facility in Belfast began spouting orange-coloured ransom notes which read: “Lockbit Black Ransomware. Your data are (sic) stolen and encrypted.”
It also asked for Royal Mail to contact the hackers, encouraging it to decrypt a file “for free” – likely to prove their claims of a hack.
According to The Telegraph, Lockbit’s signature ransomware scrambles files on computers and flashes up a message demanding payment in hard-to-trace cryptocurrencies as the price for unscrambling them again.
The attack comes ahead of the roll-out of energy support scheme vouchers in Northern Ireland from Monday.
The vouchers will be delivered via the postal service to homes that use a top-up energy metre, meaning 500,000 households may see a significant delay in receiving their £600.
Customers who pay their energy bills via direct debit will not be affected as they are due to receive the support payment automatically into their bank accounts.
The external manager of Post Office NI previously urged those due to receive the £600 by voucher to redeem the payment “quickly” to ensure post office branches have enough cash.
It is not clear if the roll-out will be affected or disrupted if some mail has to be sorted outside Northern Ireland.
Despite multiple requests for comment, Royal Mail declined to provide an update on the cyber-attack or on letters being sent to Scotland.
The National Crime Security Centre said: “We are aware of an incident affecting Royal Mail and are working with the company, alongside the National Crime Agency, to fully understand the impact.”
Royal Mail confirmed it was facing severe disruption to its international export services after the cyber incident.
It has since asked customers to stop sending parcels and letters to overseas after the attack had caused “severe service disruption”.
Royal Mail said on Wednesday: “Some customers may experience delay or disruption to items already shipped for export. Our import operations continue to perform a full service with some minor delays.
“Our teams are working around the clock to resolve this disruption and we will update customers as soon as we have more information.
“We immediately launched an investigation into the incident and we are working with external experts. We have reported the incident to our regulators and the relevant security authorities.
“We would like to sincerely apologise to impacted customers for any disruption this incident may be causing.”
The Information Commissioner’s Office said: “Royal Mail has made us aware of an incident and we will be making inquiries.”
