Royal Mail Hacked

AtaRo · 3 Apr 2025 at 10:48

Royal Mail Group, the UK’s centuries-old postal institution, has allegedly suffered a massive data breach resulting in the leak of 144GB of internal files, CUSTOMER INFORMATION, and marketing data.

Hackers gained access to Royal Fail systems using the credentials of a Spectos employee compromised in a 2021 info stealer malware incident.

While the breach hasn’t been confirmed by Royal Mail, the company has acknowledged the issue through their vendor, Spectos.
If the data is genuine, it could have a wide impact. For customers, it means their details are now out there, which could lead to scams, spam, or even identity theft.

Royal Mail investigates data leak claims, no impact on operations

Royal Mail is investigating claims of a security breach after a threat actor leaked over 144GB of data allegedly stolen from the company's systems.

www.bleepingcomputer.com

brendy · 3 Apr 2025 at 11:20

Thats going to be a rather large GDPR fine I'd dare say.

Nasher · 3 Apr 2025 at 12:27

It's foreign owned, good luck making a fine stick.

Never should have sold it off.

VincentHanna · 3 Apr 2025 at 12:37

Well the article says it wasn't Royal Mail that was hacked, but a third party data collector/provider.

So I assume it would be their fault anyway, not Royal Mail.

BUDFORCE · 3 Apr 2025 at 12:37

This country really is going to **** isn't it.

randal · 3 Apr 2025 at 12:49

2021...

So, leavers process and password rotation/expiration rules up to scratch then?

Jokes.

Minusorange · 3 Apr 2025 at 13:14

The threat actor behind this leak (who uses the "GHNA" handle on BreachForums) released 16,549 files allegedly containing Royal Mail customers' personally identifiable information (including names, addresses, planned delivery dates, and more

So if you are expecting a delivery in the next few days, somebody could use this leak to change your delivery ? Because you only need a tracking number and the post code to do this

jaybee · 3 Apr 2025 at 13:40

randal said:
2021...

So, leavers process and password rotation/expiration rules up to scratch then?

Jokes.

Probably mostly running on beige boxes running XP as well.
It's disgusting that these chumps hold all our data and can't follow basic security practices. Get exploited with a zero day...fine... but when it's something like this...

randal · 3 Apr 2025 at 13:56

jaybee said:
Probably mostly running on beige boxes running XP as well.
It's disgusting that these chumps hold all our data and can't follow basic security practices. Get exploited with a zero day...fine... but when it's something like this...

Whilst the punishment amounts to a slap on the wrist, and reputational damage is a bigger deterrent - nothing will change.

I note in the breach "courtesy of Spectos, again". So not the first time they've been rinsed. RM need to be cutting ties, stat.

StriderX · 3 Apr 2025 at 14:15

Convenient right before that Czech dude is about to take ownership.

Wonder what the who and why are?

Trifid · 3 Apr 2025 at 15:57

VincentHanna said:
Well the article says it wasn't Royal Mail that was hacked, but a third party data collector/provider.

So I assume it would be their fault anyway, not Royal Mail.

Is it safe to assume they outsourced to the cheapest provider?