The LockBit ransomware gang was behind the "cyber incident" at U.K.-based postal service company Royal Mail, which disrupted overseas but not domestic letter and parcel deliveries, reports The Guardian.
Royal Mail was reportedly threatened by LockBit that information stolen from the company would be leaked online unless the postal service firm pays the demanded ransom. While Royal Mail has already informed the National Cyber Security Centre, the National Crime Agency, and the Information Commissioners Office regarding the incident, no other details have been revealed.
Russians and others from former Soviet Republics are believed to mostly comprise the LockBit ransomware operation, which has also been offering software access to affiliates in exchange for a ransom cut, according to Sophos Principal Researcher Andrew Brandt. LockBit has been demanding ransoms ranging from $200,000 to nearly $1.5 million.
"Something Royal Mail is going to have to consider is whether or not they are going to pay a ransom. Im a bit of a purist and [say] they should never pay these people anything," Brandt added.
BleepingComputer reports that Knight ransomware was observed by KELA threat analysts to have the third iteration of its source code posted for sale by the operation's representative, Cyclops, on RAMP forums.