Royal mail restarts a limited export postal service after cyber-attack

Thu 19 Jan 2023
Posted by: Phillip Adnett
Trade News

Royal Mail vans parked in car park

Days after being hit by an “overseas cyber-attack”, Royal Mail has said it has relaunched its exporting service on a limited basis.

According to a post on the company’s website:

“We are pleased to announce that we have resumed the export of International Standard and International Economy letters that do not require a customs declaration (i.e. these letters do not contain goods); International Business Standard (untracked) and International Business Economy personal correspondence letters (which do not require a customs declaration) to all international destinations,”

This change will take effect from 7pm Thursday (19 January).

As covered previously by the IOE&IT Daily Update, Royal Mail had announced it would be suspending its international service for exporters after a ‘cyber-incident’ hit the company’s computer systems and caused disruption.

Letters, not parcels

The announcement came after some ‘operational workarounds’ were used to get round the problems caused by the attack.

For the moment, the company is asking exporters to not submit any new parcels for international delivery.

Instead, the focus will be on working through the existing backlog of mail that has been processed and is waiting to be dispatched.

The import service is reportedly working as normal and the Parcelforce Worldwide export services are still operational, although there are minor delays in both.


The Telegraph reports that trials of these workarounds were used to send some parcels to France, Germany and the Netherlands, as well as letters not requiring declarations.

The Royal Mail is saying it is still investigating the source of the problem, with UK law enforcement and outside experts being brought in to help.

Ransomware hit

The FT reports that Royal Mail was the victim of a ‘prolific ransomware group’ named LockBit, which has previously hit several other targets including Kingfisher Insurance.

The company has not confirmed whether this is the case and still refers to a ‘cyber-incident’.

Ransomware is a type of computer virus which infects target computer networks and blocks access to them until a payment is made.

The National Cyber Security Centre – which has been working with Royal Mail in response to the attack – warns against paying a ransom, noting that there is no guarantee that the data will be returned and the network may remain infected.