Delivery company Yodel has had its operations disrupted by a cyber-attack.
The company warned that deliveries in the UK would be delayed, and customers would not be able to track their parcels online.
“We have experienced service disruption due to a cyber incident,” a statement on the company’s website reads. It warns that order tracking remains unavailable and that parcels may arrive later than expected.
Based on customer complaints, it appears that Yodel’s tracking and customer service stopped working some time over the weekend.
While the company has not revealed details about the attack, such as when it occurred or what type of attack it was, it has noted that it does not hold or process any customer payment information, implying that customer payment information has not been compromised.
The company has sent private messages to eBay sellers informing them of the outage.
“We are writing to update you on the service outage that has been affecting our operations over the weekend. We have a live investigation underway and can confirm that part of Yodel’s systems have been affected by a cyber incident,” the message says, according to one Twitter thread.
“At this stage of our investigation we are still working through the nature and full impact of the cyber incident. However, we wanted to write to you urgently given the current disruption to our operations.”
— Adam Smith (@Adam_Smith_PHD) June 21, 2022
It added that the company has alerted the National Cyber Security Centre, the Information Commissioner’s Office, and the National Crime Agency, and was working to get its systems back online. It has also engaged with an external forensics group to deal with the attack.
In the wake of the cyber-attack, Yodel has advised people to be vigilant, in case people utilise compromised data as part of spear phishing attacks.
“Avoid responding to, clicking on links, or downloading attachments from suspicious email addresses. If you are asked for personal information by someone purporting to be Yodel employee, please let us know immediately,” a statement reads.
Commenting on the Yodel cyber-attack, Tanium Area Vice President for EMEA Chris Vaughan said: “For the next few hours, damage control will be in full force for Yodel – and how the business reacts will be critical to ensuring the long-term welfare of the company, mitigating the damage of the incident, limiting downtime of operations, and therefore minimising the impact of delays and other issues for customers.
“Although we’re not yet sure how the incident occurred, it’s clear that many organisations can be doing more to prevent cybersecurity related issues – even those resulting from sophisticated attack vectors.
“We agree that many of the damaging breaches we see could have been avoided by simply maintaining baseline cyber-hygiene standards such as having technology in place that goes beyond antivirus solutions, implementing back up mechanisms which are regularly tested and ensuring staff are adequately trained to look out for malicious links in emails.”
Get the latest news from DIGIT direct to your inbox
Our newsletter covers the latest technology and IT news from Scotland and beyond, as well as in-depth features and exclusive interviews with leading figures and rising stars.
To subscribe, click here.