Royal Mail confirmed a “cyber incident” has disrupted its ability to send letters and packages abroad, and also caused some delays on post coming into the UK.
The postal service, and the UK’s National Cyber Security Centre and National Crime Agency, issued similar statements about the IT SNAFU on Wednesday, with Royal Mail advising customers to stop sending international mail until it fixed the problem.
“We’re experiencing disruption to our international export services and are temporarily unable to dispatch items to overseas destinations,” the organisation tweeted. “We strongly advise customers to hold any export items while we work to resolve the issue.”
Royal Mail added it was “sorry for any disruption this may cause,” and would not comment further. This is a developing story; we’ll keep you updated as we confirm any other details.
The National Cyber Security Centre (NCSC) said it was “aware of an incident affecting Royal Mail Group Ltd” in a statement.
The cyber agency said it was working with Royal Mail and the National Crime Agency “to fully understand the impact.”
⚠️ Our statement on the incident affecting @RoyalMail Group this evening: “We are aware of an incident affecting Royal Mail Group Ltd and are working with the company, alongside the National Crime Agency, to fully understand the impact.”
— NCSC UK (@NCSC) January 11, 2023
In an email to The Register, the National Crime Agency confirmed it was working with its NCSC partners to investigate the incident.
The postal company did not immediately respond to The Register’s inquiries, which included queries about the expected duration of the disruption. A Royal Mail spokesperson told the BBC that it was calling it a “cyber-incident” — not a cyber attack — because it does not know what caused the issue in the system that prepares mail to send overseas, and also tracks and traces international parcels.
Royal Mail uses the system at six sites, including its Heathrow distribution center.
The latest Royal Mail incident follows a security “issue” in November during which customers could see others’ order information. About an hour after the leak started, Royal Mail shut down its Click and Drop website.
It also comes at a time when the postal carrier is locked in a dispute with the Communication Workers Union, which represents more than 115,000 Royal Mail employees, over worker pay and conditions. The union plans another strike later this month, according to media reports.
Anthony Davis, former Head of Information Security at Royal Mail until 2009, commented: “I have a good idea which systems at Royal Mail could be affected. But it’s early days so far, and the incident response will likely take some time. Let’s see what the investigation discovers and, if it was in fact a cyberattack, who was responsible. The National Cyber Security Centre is pretty good about attributing attacks to perpetrators, eventually.” ®