Royal Mail customer data stolen in massive attack, hackers claim

Last updated: 2 April 2025
Royal Mail data breach
Photo by Jeff J Mitchell/Getty Images.

Attackers say they breached the British postal service last month, scooping a whopping 144 gigabytes of data, including confidential documents and customer names and addresses. However, the postal service points to a third-party attack.

The message announcing the alleged breach was posted on a popular data leak forum during the last hours of March 2025. Threat actors claim to have stolen a treasure trove of sensitive data, including recorded video meetings between Royal Mail and its partners.

According to the British postal service, it is aware of the incident. However, Royal Mail spokesperson explained that the postal services systems were not impacted in the attack.

ADVERTISEMENT

“We are aware of an incident which is alleged to have affected Spectos, a supplier of Royal Mail. We are working with the company to investigate the issue and establish what impact, if any, there may be regarding their data,” a Royal Mail spokesperson told Cybernews.

jurgita Ernestas Naprys Gintaras Radauskas Paulina Okunyte
Get our latest stories today on Google News
Google News Follow us

Meanwhile, the attackers’ post includes some bold claims about the extent of the data breach, boasting that they took:

  • Customers’ personal details
  • Confidential documents
  • Zoom meeting recordings
  • Delivery addresses
  • WordPress SQL database
  • MailChimp mailing lists
Royal Mail leak sample
Image by Cybernews.

However, the data sample the attackers included is scant on details. The Cybernews research team investigated what little data was shared to conclude that only one email address from the supposedly stolen MailChimp mailing list was included. Meanwhile, data of businesses whose delivery data supposedly leaked appears to be legitimate.

If confirmed, the attack would jeopardize the security of companies and individuals exposed, as stolen details could be used for multiple nefarious purposes from identity theft to fraud.

In theory, the stolen WordPress SQL database could include user credentials, allowing for further attacks on the postal service. Stolen Zoom meeting recordings of conversations between the Royal Mail and its partners could expose further sensitive business details discussed in private.

ADVERTISEMENT

The British postal service, one of the oldest in the world, is no stranger to hacker attacks. In early 2023, the LockBit ransomware cartel breached Royal Mail, demanding an $80m ransom. Leaked conversations between the two parties revealed that the service scoffed at the demands, saying “Under no circumstances will we pay you the absurd amount of money you have demanded.”

Updated on April 2nd [07:00 a.m. GMT] with a statement from the Royal Mail.

Share
Post
Share
Share
Share
More from Cybernews
Chrome will not ask users if they agree to be tracked by third-party cookies
The EU introduces energy label and Ecodesign requirements for phones and tablets
LinkedIn confession exposes the human cost of the gig economy in India
US Garmin users question the actual reason behind data collection: more reasons to revoke your insurance?
Massive botnet bigger than some countries discovered as DDoS attacks soar
Tesla diner nears completion – but will it pull the crowds?
ADVERTISEMENT
Leave a Reply

Your email address will not be published. Required fields are markedmarked