Security News > 2023 > February > LockBit ransomware gang claims Royal Mail cyberattack
The LockBit ransomware operation has claimed the cyberattack on UK's leading mail delivery service Royal Mail that forced the company to halt its international shipping services due to "Severe service disruption."
This comes after LockBitSupport, the ransomware gang public-facing representative, previously told BleepingComputer that the LockBit cybercrime group did not attack Royal Mail.
LockBitSupp failed to explain why printed Royal Mail ransom notes seen by BleepingComputer included links to LockBit's Tor negotiation and data leak sites rather than ones operated by another threat actor.
At the moment, the entry for the Royal Mail attack on LockBit's data leak site says stolen data will be published online on Thursday, February 9, at 03:42 AM UTC. Royal Mail first detected the attack on January 10 and hired outside forensic experts to help with the investigation.
"Incident was detected yesterday, UK/ domestic mail remains unaffected," a Royal Mail spokesperson told BleepingComputer on January 11 when we reached out for more details.
Royal Mail is yet to acknowledge that it's dealing with a ransomware attack that could likely lead to a data breach since LockBit ransomware operators are known for stealing data and leaking it online if their ransom demands are not met.
- LockBit ransomware goes 'Green,' uses new Conti-based encryptor (source)
- LockBit brags it pumped ION full of ransomware (source)
- IBM: Most ransomware blocked last year, but cyberattacks are moving faster (source)
- New Exfiltrator-22 post-exploitation kit linked to LockBit ransomware (source)
- The Prolificacy of LockBit Ransomware (source)
- LockBit ransomware claims Essendant attack, company says “network outage” (source)
- LockBit 3.0 Ransomware: Inside the Cyberthreat That's Costing Millions (source)