Was it ransomware? UK-based delivery company Yodel confirms operational disruption of its delivery business, due to cyberattack
UK deliveries have been disrupted after big name delivery firm Yodel confirmed it was experiencing a “cyber incident”.
The delivery giant announced it has “experienced service disruption due to a cyber incident. We are working to restore our operations as quickly as possible,” it added. “We are sorry for any inconvenience this may have caused.”
Yodel has not revealed the precise nature of the “cyber incident”, although there is speculation it has suffered a ransomware attack.
The firm said that deliveries are continuing, but there may be delays and it cannot give customers exact delivery slots.
Its tracking service is down, and unfortunately Yodel could not confirm whether any customer data has been compromised. This could include names, email addresses, home addresses, and telephone numbers.
The good news however is that is not hold or process any payment information.
Yodel advised customers to remain alert for “any unsolicited and unexpected communications” that seek personal data.
It asked customers to notify them immediately if asked for personal information from someone claiming to be a Yodel staffer.
“As soon as we detected the incident, we launched an investigation, led by our internal IT division and supported by a digital forensics group,” Yodel stated.
“We are deploying all efforts to resolve the situation as quickly as possible and continue to work closely with authorities and law enforcement,” it concluded.
The Yodel attack has prompted a reaction from industry experts, who pointed out that organisations can be doing more to prevent avoidable cyber incidents.
“For the next few hours, damage control will be in full force for Yodel – and how the business reacts will be critical to ensuring the long-term welfare of the company, mitigating the damage of the incident, limiting downtime of operations, and therefore minimising the impact of delays and other issues for customers,” noted Chris Vaughan, area VP of technical account management at Tanium.
“Although we’re not yet sure how the incident occurred, it’s clear that many organisations can be doing more to prevent cybersecurity related issues – even those resulting from sophisticated attack vectors,” said Vaughan. “In fact, our research released today reveals that 90 percent of high-level IT managers believe that most cyber-attacks are avoidable with a preventative approach.”
“We agree that many of the damaging breaches we see could have been avoided by simply maintaining baseline cyber-hygiene standards such as having technology in place that goes beyond antivirus solutions, implementing back up mechanisms which are regularly tested and ensuring staff are adequately trained to look out for malicious links in email,” said Vaughan.
The Tanium research reveals that 90 percent of UK cyberattacks are avoidable; and the board only approves new cybersecurity funding after the incident has occurred.
Meanwhile Lawrence Perret-Hall, director at CYFOR Secure, believes the Yodel cyberattack demonstrates the importance of cyber preparedness.
“Having an incident response and forensic readiness plan in place, deployable at any time, is crucial in the event of a business-critical attack,” said Perret-Hall.
“And with business continuity playbooks readily available, disruption can be kept to a minimum,” said Perret-Hall. “This is even more important when considering Yodel was targeted at a weekend, a common tactic cyber criminals use in an attempt to avoid immediate detection.”
Yodel got in touch with Silicon UK after publication with an update on the incident.
“Yodel has made significant progress in restoring a number of essential IT functions following the cyber incident which has affected the business this week,” a Yodel spokesperson told Silicon UK.
“Tracking services for clients and customers are once again ‘live’ and this will support the recovery of our regular operations and allow the business to begin to urgently tackle any delayed deliveries. We continue to monitor the tracking systems and expect to see further improvements as we return to normal,” said the spokesperson.
“This remains a complex situation but rest assured all of Yodel’s management and people continue to work with Clients and customers to meet their expectations and standards,” said the spokesperson.
“Yodel is sincerely sorry for any disruption and inconvenience that may have been caused to clients and customers alike.”