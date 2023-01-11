Royal Mail's parcel hub at Heathrow. Photo / Getty Images

If you’re expecting a delivery from the UK, it could take some time.

Royal Mail revealed this morning, NZ time, that it has been hit by a crippling “cyber incident”.

Six sites have been affected, including a giant sorting facility next to Heathrow Airport, where most outgoing international mail is sorted before leaving the UK.

Hanah Darley, head of threat research at cyber security firm Darktrace, told the Telegraph that the nature of the incident - which has only affected outbound international mail suggests a third-party supplier is the source of the cyber disruption, or there is a specific isolated system, rather than something that is enterprise-wide across Royal Mail.

Darley said depending on the nature of the attack, it could take weeks to restore Royal Mail systems to trusted operational states. Details are still emerging.

The UK’s equivalent of our GCSB - the GCHQ - has confirmed it is assisting Royal Mail.

Although domestic delivery is unaffected by the cyber-attack, UK shoppers have still reportedly been put off buying goods online because of a series of rolling strikes by Royal Mail staff that began before Christmas, and are set to continue until at least January 20.

Guardian hit by ransomware attack

Meanwhile, Guardian Media Group - publisher of The Guardian - has warned its staff that sensitive personal information including their salaries, bank details and passport numbers were exposed when the media group was hit by a “highly sophisticated” ransomware attack last month.

Internal systems were breached through a successful phishing attack, in which an employee is tricked into giving away access details to a third party, according to an FT report.

“It’s now clear that we experienced a highly sophisticated cyber attack involving unauthorised third-party access to parts of our network, which appears to have been triggered by a phishing attack,” staff were told in an email on Wednesday by Katharine Viner, the Guardian’s editor-in-chief, and Anna Bateson, chief executive of Guardian Media Group.

Personal information that the company said was “accessed” includes: “name, National Insurance number, address, date of birth, bank account, salary, identity documents such as passports”.

The Guardian did not disclose how it was dealing with the attackers or whether a ransom demand had been made but the email did say it had “seen no evidence that any data has been exposed online thus far”.

A spokesman told the FT that they did not think any subscriber or reader information had been accessed.



