A hack that delayed the delivery of packages and online order tracking had interrupted services for the U.K.-based Yodel delivery service firm. The company had not released any information regarding the issue, including when it happened or what kind of event it was. However, the client payment information was not impacted because it isn’t kept on its systems nor processed by them.
Customers who were waiting for items to arrive report that Yodel’s tracking and customer services declined over the weekend and that they haven’t heard anything about their packages in at least four days. According to cybersecurity expert Kevin Beaumont, there are speculations that Yodel has been the target of a ransomware strike. This notion is tenable given that threat actors normally avoid encrypting victim devices on weekdays because the process is more likely to be found.
It seems that Yodel first sent private messages to eBay sellers informing them of the intrusion while it was “working through the nature and full impact of the cyber incident.” The business said that it was attempting to bring its systems back up with assistance from a knowledgeable outside source.
Yodel afterward published a statement on its website telling users that “parcels may arrive later than expected” and noting that the service outage was caused by a cyber intrusion. Yodel urges its clients to refrain from responding to unsolicited emails that request personal information or directing them to websites that do so in a broader article about the event.
“Avoid responding to, clicking on links, or downloading attachments from suspicious email addresses. If you are asked for personal information by someone purporting to be Yodel employee, please let us know immediately,” said Yodel. The firm has been contacted with inquiries concerning the incident, and the media is awaiting a response from the company.