Delivery firm Yodel disrupted by cyber attack
The company confirmed that some services are down but deliveries are continuing, though specific details are currently unknown
UK delivery and logistics company Yodel has confirmed that it has been the victim of a cyber attack which has impacted its services.
Online delivery tracking is currently down and the company’s customer service helpline also appears to be down for “maintenance”. Yodel’s website remains online at the time of writing.
Yodel confirmed to IT Pro that it had suffered an attack but did not confirm any other information.
The full nature of the attack is still unclear, including whether customer data has been compromised, when the attack occurred, and how long it will take the company to recover.
However, according to prominent cyber security expert Kevin Beaumont, the attack is rumoured to include a ransomware element.
The information was made public after the company privately messaged eBay sellers confirming the attack in a ‘confidential’ note.
Yodel is currently working towards recovering its systems but it anticipates “some immediate delays in fulfilling some of [its] deliveries”, said the message to eBay sellers.
“Yodel has experienced a cyber incident that has caused some disruption,” said Yodel in a statement given to IT Pro. “We are servicing customers but tracking is currently impacted.
The state of brand protection 2021
A new front opens up in the war for brand safetyFree download
“As soon as we detected the incident, we launched an investigation, led by our internal IT division and supported by an external IT forensics group. We are working to restore tracking as quickly as we can and have engaged with all relevant authorities.
“Yodel would like to sincerely apologise to their clients and their customers for any disruption this incident may have caused, and reassure them that the team are working around the clock to resolve this incident.”
The company said it has engaged with the Information Commissioner’s Office (ICO), National Crime Agency (NCA), and the National Cyber Security Centre (NCSC), in addition to hiring outside digital forensics experts.
Social media users have complained about the company’s lack of transparency about the incident, leaving many ‘in the dark’ over missing deliveries. The majority of complaints relate to being unable to track expected parcels.
Accelerating AI modernisation with data infrastructure
Generate business value from your AI initiativesFree Download
Recommendations for managing AI risks
Integrate your external AI tool findings into your broader security programsFree Download
Modernise your legacy databases in the cloud
An introduction to cloud databasesFree Download
Powering through to innovation
IT agility drive digital transformationFree Download