Royal Mail has asked people to stop sending mail abroad due to a “cyber incident” causing severe disruption. It said it was temporarily unable to send letters and parcels overseas and was “working hard” to resolve the issue. There are also minor delays to posts coming into the UK, but domestic deliveries are unaffected. The incident has been reported to the UK’s cyber intelligence agency and police who deal with a serious crimes. Royal Mail apologised and said its teams were “working around the clock to resolve this disruption”. It said it would update customers when it had more information.
The company is calling it a “cyber-incident” rather than a cyber attack because it does not know what has caused the problem, the BBC has been told. Computerised systems for sending letters and parcels abroad had been “severely disrupted”, Royal Mail said. “We immediately launched an investigation into the [cyber] incident and we are working with external experts,” it added.
The back office system that has been affected is used by Royal Mail to prepare mail for despatch abroad and to track and trace overseas items. It is in use at six sites, including Royal Mail’s huge Heathrow distribution centre in Slough, which has been affected by the incident. It is unclear how long the disruption will continue, and mail that has already been shipped for export may be delayed.
The National Cyber Security Centre, which is part of the UK’s cyber intelligence agency GCHQ, is involved in trying to work out what has happened, alongside the National Crime Agency. Regulators have also been told of the incident. Details are often scarce when it comes to cyber incidents, but Royal Mail is being especially vague about what is happening inside its international mail centres.
The company has called in the National Cyber Security Centre and the Information Commissioners Office, which are the bodies you’d usually call if there’s a cyber attack – the NCSC for help, and the ICO because you have to inform them of any potential data theft. But Royal Mail has also called the National Crime Agency, which suggests the incident might have a different angle to it.
They are also being careful not to call it a cyber-attack, which opens up the possibility that it might be a large scale technical glitch, or even some sort of sabotage to the system. Either way it seems to be a major incident with far-reaching effects as the backlog of packages builds up. There have been a number of high-profile cyber-security incidents in recent weeks in the UK.
The Twitter accounts of two Cabinet ministers have been hacked, and the Guardian newspaper was hit with a suspected ransomware attack. In the year to March, Royal Mail sent 152 million parcels abroad which equates to around 200,000 items a day. However, that was a small fraction of the number of parcels it sent domestically.
Royal Mail has faced a number of challenges over the past year, including a series of strikes by postal workers as part of a long-running dispute over pay and conditions. The Communication Workers Union (CWU), which represents more than 115,000 postal workers at Royal Mail, is planning further industrial action, with a fresh ballot due to open later this month.