Punters go postal with erratic Royal Mail site

'How very sorry we all are', say posties


Update The Royal Mail's electronic redirection website was finally restored on Thursday, days after problems affected the postal service's website on Sunday.

A Register reader has come forward with evidence to show that he was presented with the personal details of another user when he logged into the redirection site on Saturday, hours before the service interruption.

We asked Royal Mail if it had any explanation for this and, in particular, whether the site had been taken down as a security precaution. It responded by requesting to speak to the source, asking for more information on the incident. We've forwarded this request to our reader, Andy, who has forwarded a partially blurred image of someone else's personal details he was confronted with when he put his name and address into the site in an attempt to arrange the redelivery of a package online last weekend.

"Whilst attempting to arrange a re-delivery on the Royal Mail website last night [Saturday], I was presented with somebody else's personal details regarding their own delivery package," our source, Andy, explained.

"Since then the website redelivery pages have been unavailable."

Details made available included the name, contact details and address of the person requesting the redirection of an item of recorded mail (something that needs the signature of a recipient for delivery). It did not include credit card or other financial information. Andy was presented these details when he put in his own name, house number and postcode into the site. He didn't enter a tracking number before he was presented with the personal details of another person.

Andy got in touch with the individual involved who said that he too had seen other peoples' contact details when he logged into the website. Andrew complained to Royal Mail on Tuesday, only to receive what he felt was an inadequate response. "I managed to speak with Royal Mail customer services yesterday and they apologised but did not seem to be too worried that other people's personal details were being exposed on their site," he told El Reg.

It's unclear at the time of writing if this is a one-off glitch or a more widespread problem.

Rik Ferguson, a security consultant at Trend Micro, said that without further details it was impossible to say what had happened but the reported glitch is symptomatic of a cross-referencing issue with the Royal Mail's database.

Andy is considering whether or not to report the matter to data privacy watchdogs at the Information Commissioner's Office, a decision that he said depends on whether he gets an adequate response from Royal Mail.

A large number of the Royal Mail's web properties, not just the redirection site, experienced service problems this week. A Royal Mail spokesman forwarded us a statement issued to customers (below) apologising for the service interruptions, which it blames on teething problems involving the migration to a new platform. It said the online postage and SmartStamp applications are working again, albeit not at full capacity, while the online redelivery and redirection booking services, at the centre of Andy's problems, remains unavailable.

The message represented the state of play on Wednesday evening but by Thursday mid-morning Royal Mail's electronic redelivery service had been restored. While the service was down customers were obliged to phone up to have items of post redelivered, rather than using the online facility, which prior to Thursday had been unavailable for four days. ®

Dear Customer,

I am posting this note to say how very sorry we all are at Royal Mail if you have had difficulties accessing some of the applications on our website. I understand the inconvenience this will have caused in recent days.

The problems some customers have experienced follow technical difficulties that arose after the migration of part of our website to a new platform. As soon as we identified the problem, a message was put on our home page explaining what was happening and we will continue to update this to keep you informed.

Do please rest assured my team and I are working very hard to resolve the problem as quickly as possible. I would be the first to acknowledge that it has taken us longer than we would have liked to find a solution.  I can share with you that our Online Postage and SmartStamp applications are working again. We are gradually increasing the capacity of these applications as we resume normal service, so you may find that you are unable to access these applications first time. If you are not able to access the application first time, I would ask you to please try again a few minutes later.

Unfortunately, there are a number of applications that remain unavailable, including our online redelivery and Redirection booking services. Customers can arrange a Redirection by calling 0800 085 2724. Customers with other enquiries, including arranging a redelivery, should contact us in the normal way on 08457 740 740.

We continue to work around the clock to make sure your service is restored as quickly as possible.

Please again accept my sincere apologies for the disruption. We will continue to update you on our progress as we resolve it.

Yours sincerely

Nick Landon Director of Customer Experience

®

Update

Since we published this story, a Royal Mail spokesman has been in contact with the complainant. He told El Reg: "As soon as we became aware of problems with the redelivery application we took it down from the Royal Mail website while we sought to resolve the issue. We always treat such matters extremely seriously and can only apologise to the customer if this was not made clear in his conversation with a Royal Mail representative."

Similar topics


Other stories you might like

  • Prisons transcribe private phone calls with inmates using speech-to-text AI

    Plus: A drug designed by machine learning algorithms to treat liver disease reaches human clinical trials and more

    In brief Prisons around the US are installing AI speech-to-text models to automatically transcribe conversations with inmates during their phone calls.

    A series of contracts and emails from eight different states revealed how Verus, an AI application developed by LEO Technologies and based on a speech-to-text system offered by Amazon, was used to eavesdrop on prisoners’ phone calls.

    In a sales pitch, LEO’s CEO James Sexton told officials working for a jail in Cook County, Illinois, that one of its customers in Calhoun County, Alabama, uses the software to protect prisons from getting sued, according to an investigation by the Thomson Reuters Foundation.

    Continue reading
  • Battlefield 2042: Please don't be the death knell of the franchise, please don't be the death knell of the franchise

    Another terrible launch, but DICE is already working on improvements

    The RPG Greetings, traveller, and welcome back to The Register Plays Games, our monthly gaming column. Since the last edition on New World, we hit level cap and the "endgame". Around this time, item duping exploits became rife and every attempt Amazon Games made to fix it just broke something else. The post-level 60 "watermark" system for gear drops is also infuriating and tedious, but not something we were able to address in the column. So bear these things in mind if you were ever tempted. On that note, it's time to look at another newly released shit show – Battlefield 2042.

    I wanted to love Battlefield 2042, I really did. After the bum note of the first-person shooter (FPS) franchise's return to Second World War theatres with Battlefield V (2018), I stupidly assumed the next entry from EA-owned Swedish developer DICE would be a return to form. I was wrong.

    The multiplayer military FPS market is dominated by two forces: Activision's Call of Duty (COD) series and EA's Battlefield. Fans of each franchise are loyal to the point of zealotry with little crossover between player bases. Here's where I stand: COD jumped the shark with Modern Warfare 2 in 2009. It's flip-flopped from WW2 to present-day combat and back again, tried sci-fi, and even the Battle Royale trend with the free-to-play Call of Duty: Warzone (2020), which has been thoroughly ruined by hackers and developer inaction.

    Continue reading
  • American diplomats' iPhones reportedly compromised by NSO Group intrusion software

    Reuters claims nine State Department employees outside the US had their devices hacked

    The Apple iPhones of at least nine US State Department officials were compromised by an unidentified entity using NSO Group's Pegasus spyware, according to a report published Friday by Reuters.

    NSO Group in an email to The Register said it has blocked an unnamed customers' access to its system upon receiving an inquiry about the incident but has yet to confirm whether its software was involved.

    "Once the inquiry was received, and before any investigation under our compliance policy, we have decided to immediately terminate relevant customers’ access to the system, due to the severity of the allegations," an NSO spokesperson told The Register in an email. "To this point, we haven’t received any information nor the phone numbers, nor any indication that NSO’s tools were used in this case."

    Continue reading

Biting the hand that feeds IT © 1998–2021