Logistics giant Yodel Confirmed that it is facing a cyber “incident” that is disrupting the service.
UK delivery company Posted an update Its site says: “We are working to recover our operations as soon as possible but for now, order tracking remains unavailable and parcels may arrive later than expected.”
Although the firm does not keep a customer’s payment information, it is currently investigating whether any other personally identifiable information (PII) has been taken.
Customer names, addresses, email addresses and telephone numbers will be a useful tool for fraudsters who store most delivery companies, who can use it to create follow-on phishing emails.
“As always, Yodel encourages you to be wary of any unwanted or unexpected communication that asks for your personal information or to refer you to a web page that asks for your personal information. Avoid responding, clicking on links or downloading attachments from suspicious email addresses, “the firm said.
“If you are asked to provide personal information to anyone accused of being a Yodel employee, please let us know.”
Last year there were ridiculous texts using fake delivery updates as more than 50% of such messages were greedy as SMS phishing volume almost doubled from the previous 12 months according to ProofPoint.
Although Eodel has not yet confirmed the nature of the attack, Ronsomware will be the main suspect, as the firm is suffering from operational disruption.
Eminent security researcher Kevin Beaumont has confirmed this briefly Twitter post.
The delivery firm has apparently contacted the National Crime Agency (NCA), the Information Security Watchdog Information Commissioner’s Office (ICO) and the National Cyber Security Center (NCSC).
NCSC CEO Lindy Cameron has repeatedly described Ransomware as the number one threat facing UK businesses.