Ransomware
BleepingComputer / TechCrunch / Computer Weekly
Primary Source βIncident Details
LockBit ransomware hit Royal Mail’s Heathrow Worldwide Distribution Centre Jan 10 2023, disrupting international mail for 6 weeks. LockBit initially demanded $80M ransom, lowered to $40M. Royal Mail refused to pay per law enforcement advice. LockBit leaked negotiation transcripts, technical documents, HR records, salary data, COVID vaccination records. International shipping only restored Feb 23 2023. Remediation cost Royal Mail Β£10M. LockBit infrastructure taken down by international law enforcement in Feb 2024.
Technical Details
- Initial Attack Vector
- CWE-1391: Use of Weak Credentials (compromised credentials; exact initial vector not publicly disclosed)
- Vendor / Product
- Royal Mail international shipping systems
- Malware Family
- LockBit 3.0
Timeline
- 2023-01-10 Breach occurred
- 2023-01-11 Publicly disclosed
- 2023-01-13 Customers notified