Yodel becomes the latest victim of a cyber 'incident'
British parcel delivery firm 'working around the clock' to get systems back and running
Delivery company Yodel has found itself the latest victim of a cyber "incident" that has disrupted services.
Rooted firmly to the bottom of the table of best and worst courier firms by consumer campaigner Which? Yodel has gained popularity and, perhaps, a bit of notoriety in recent years as consumers turned to courier companies rather than venture into physical stores.
Exactly when security problems began is difficult to ascertain, since Yodel's social media voicebox is crammed full of disgruntled customers wondering where their products are (indeed, this writer had the joy of a piece of hardware being lifted from one of the company's depots back in 2019, but that's another story...).
However, by June 21 the company changed its customer service narrative to "Yodel is currently experiencing operational disruption affecting our delivery service."
Yodel's website was also updated to reflect that its services were not at all well.
The Register contacted the company to find out what was happening, and a spokesperson said: "Yodel has experienced a cyber incident that has caused some disruption. We are servicing customers but tracking is currently impacted.
- UK parcel firm Yodel plugs tracking app's random yaps about where on map to snap up strangers' tat
- Self-driving vehicles might be autonomous but insurance pay-outs probably won't be
- Self-stocking internet fridge faces a delivery come down
- Boston Dynamics' latest robot is a warehouse workhorse
"As soon as we detected the incident, we launched an investigation, led by our internal IT division and supported by an external IT forensics group. We are working to restore tracking as quickly as we can and have engaged with all relevant authorities.
"Yodel would like to sincerely apologise to their clients and their customers for any disruption this incident may have caused, and reassure them that the team are working around the clock to resolve this incident."
Other communications were shared on social media, suggesting that the incident was indeed serious. The Register contacted the ICO for more information and will update with any response.
"We are working around the clock to get all systems back and running as quickly as we can and are being supported by an expert, external, forensic group. We have also engaged with the National Cyber Security Centre and have notified both the National Crime Agency and the ICO"— Adam Smith (@Adam_Smith_PHD) June 21, 2022
Yodel is part of Logistics Group Holdings, and according to Companies House filings [PDF], it recorded earnings before income tax, depreciation and amortisation of £65.7 million in fiscal 2021, up from £9.5 million in 2020.
Yodel is just the latest victim of a cyber "incident" and undoubtedly will not be the last. The company's experience is a reminder of the importance of both robust defences and a robust recovery plan.
As for its customers… well, far be it from us to wonder if a lack of service will be all that different to normal service. ®
- Advanced persistent threat
- Black Hat
- Bug Bounty
- Common Vulnerability Scoring System
- Cybersecurity and Infrastructure Security Agency
- Cybersecurity Information Sharing Act
- Data Breach
- Data Protection
- Data Theft
- Digital certificate
- Identity Theft
- Kenna Security
- Palo Alto Networks
- Remote Access Trojan
- RSA Conference
- Trusted Platform Module
- Zero trust