Royal Mail faces threat from ransomware group LockBit

(Reuters) — UK’s Royal Mail is facing a threat from ransomware group LockBit, according to information published on a website, at a time when the British postal and parcel firm is grappling with the fallout of a “cyber incident” from last month.

LockBit has said it would publish stolen data on Feb. 9 if Royal Mail failed to pay a ransom, a screenshot of the group’s blog on the dark web on darkfeed.io, a website that tracks ransomware groups, showed.

TechCrunch, earlier in the day, reported that Royal Mail was added to LockBit’s dark web leak site this week and the group was threatening to publish “all available (Royal Mail) data.”

In an emailed response to Reuters, Royal Mail said evidence from its investigation so far suggested that the data allegedly obtained from its network did not contain any financial information or other sensitive customer information.

LockBit was behind a ransomware attack that hit ION Trading UK recently.

Ransomware is a form of malicious software deployed by criminal gangs which works by encrypting data, with hackers offering the victim a key in return for payments. Such ransom demands can total millions of dollars.

Separately, Royal Mail said on its website that the disruptions to its international services due to the cyber incident were continuing and only some of the services have been restored.

Royal Mail said its teams were working to reinstate the remaining export services, adding that its import operations continued to perform fully with some minor delays.

The company reported on Jan. 11 that its international export services were severely disrupted by a cyber incident.