(Reuters) — Britain’s Royal Mail is facing a threat from ransomware group LockBit, according to information posted on a website, as the UK post and parcel company grapples with the fallout from a “cyber incident” last month.
LockBit has said it would publish the stolen data on February 9 if Royal Mail failed to pay a ransom, a screenshot of the group’s dark web blog on darkfeed.io, a website that tracks ransomware groups, showed.
TechCrunch, earlier in the day, reported that Royal Mail was added to LockBit’s dark web leak site this week and the group threatened to publish “all available (Royal Mail) data.”
In an emailed response to Reuters, Royal Mail said evidence from its investigation so far suggests the data allegedly obtained from its network does not contain any financial or other sensitive customer information.
LockBit was behind a ransomware attack that recently hit ION Trading UK.
Ransomware is a form of malware distributed by criminal gangs that works by encrypting data, with hackers offering the victim a key in exchange for payments. Such ransom demands can amount to millions of dollars.
Separately, Royal Mail said on its website that disruption to its international services due to the cyber incident continued and that only some of the services had been restored.
Royal Mail said its teams were working to reinstate the remaining export services, adding that its import operations continued to operate fully with some minor delays.
The company reported on January 11 that its international export services were severely disrupted by a cyber incident.