sveta - stock.adobe.com
Royal Mail continues to make steady progress on recovering its international letter and parcel export services following a suspected LockBit ransomware attack earlier in January.
Having started to despatch standard export letters, and letters and parcels from Northern Ireland into Ireland, on Thursday 19 January, the postal service now says that having made progress on clearing the backlog of items in the system before the attack, it is now in a position to stand up two key parcel services, International Tracked and Signed, and International Signed.
“We have made further progress in exporting an increasing number of items to a growing number of international destinations,” Royal Mail said in a statement. “We are using alternative solutions and systems, which were not affected by the recent cyber incident.
“As a result of this progress and the growing capability of our alternative export solutions, we can now announce that we are resuming our International Tracked and Signed as well as International Signed services to all destinations for business account customers and customers buying postage online.
“This includes parcel, large letter, and letter formats of these services. Online shipping solutions are now enabled to allow customers to select these services, print labels and send items from Thursday 26 January.”
Royal Mail said delivery of items sent via these services may still take longer than usual, and customers may notice different tracking information as items leave the country.
“We continue to ask customers not to submit any new Tracked or Standard/Economy export parcels into our network just yet,” it said. “We are aiming to provide further updates on these services in the coming days.”
No further details
The organisation has not given any further details on the precise nature of the LockBit ransomware attack, the scale of the ransom demand, or whether or not it entered into negotiations with the cartel’s representatives at any point.
The fact that Royal Mail has talked about workarounds and alternative solutions suggest it has rebuffed LockBit’s extortion attempt.
While the length of time it is taking to recover its services is not out of the ordinary for a ransomware attack, Royal Mail is nevertheless facing growing criticism from the myriad small and micro-businesses that depend on it to send goods overseas.
Many small business users are increasingly frustrated at the delays, which in some cases are costing hundreds of pounds, and putting off international customers at a difficult enough time for UK exports, which as predicted have slumped since Brexit.
Speaking to the BBC, one customer, who runs a jewellery business and makes 40% of her sales in Ireland and the US, said she was being forced to use courier services at her own expense to keep things going.
Meanwhile, in its latest results announcement, made today, Royal Mail operator International Distribution Services said its revenues were down 12.8% year-on-year for the nine months to the end of 2022, driven by a structural decline in letters, weaker retail trends, strike action, and far lower volumes of Covid-19 test kits moving through the system. Overall parcel and letter volumes were both down on 2021.
The organisation made an adjusted operating loss of £295m during the period, with the net cost of strike action estimated at £200m.
Read more about the attack on Royal Mail
- 11 January: UK postal service Royal Mail is asking customers not to send any overseas letters or parcels while it deals with the impact of an ongoing cyber attack.
- 13 January: The still-developing cyber incident at Royal Mail may be the work of the infamous LockBit ransomware operation.
- 17 January: Royal Mail CEO Simon Thompson apologises to customers whose businesses are being disrupted by a ransomware attack and promises a “workaround” will be in place in the near future.
- 19 January: Royal Mail has resumed limited international services after putting in place operational workarounds to bypass the impact of a ransomware attack.
- 23 January: Royal Mail asks customers to hold back from sending post overseas as some services get back on track, while a report warns that disruptive attacks on critical infrastructure are set to become more common.