Connect with us

Hi, what are you looking for?



Delivery Firm Yodel Scrambling to Restore Operations Following Cyberattack

Delivery services provider Yodel says it is working on restoring operations after falling victim to a disruptive cyberattack.

Delivery services provider Yodel says it is working on restoring operations after falling victim to a disruptive cyberattack.

One of the largest couriers in the United Kingdom, Yodel was initially known as the Home Delivery Network, but it rebranded itself after acquiring the B2B and B2C operations of DHL Express UK.

On Tuesday, the company started informing customers of a cyberattack that has impacted some of its systems, but without providing specific details on the assault.

“We have experienced service disruption due to a cyber incident. We are working to restore our operations as quickly as possible but for now, order tracking remains unavailable and parcels may arrive later than expected,” an incident notification on the firm’s website reads.

In an accompanying FAQ, the company says it has yet to determine if any customer information might have been impacted in the attack, but notes that customer payment information has not been exposed, as Yodel does not process or store such data.

The company says it launched an investigation immediately after learning of the attack, and that it is working hard to resolve the situation as quickly as possible.

Yodel also encourages users to be wary of any unsolicited and unexpected communications demanding personal information, and to avoid clicking on links or opening attachments from suspicious sources.

Advertisement. Scroll to continue reading.

“If you are asked for personal information by someone purporting to be a Yodel employee, please let us know immediately,” the company noted.

While Yodel did not share specific details on the type of cyberattack it fell victim to, security researcher Kevin Beaumont suggests that ransomware might have been involved.

SecurityWeek has emailed Yodel for an official comment on the cyberattack but has not received a response yet.

UPDATE: A Yodel spokesperson told SecurityWeek that the company has restored tracking services and that it has made progress in restoring operations to normal.

“Yodel has made significant progress in restoring a number of essential IT functions following the cyber incident which has affected the business this week.


Tracking services for clients and customers are once again ‘live’ and this will support the recovery of our regular operations and allow the business to begin to urgently tackle any delayed deliveries. We continue to monitor the tracking systems and expect to see further improvements as we return to normal.


This remains a complex situation but rest assured all of Yodel’s management and people continue to work with Clients and customers to meet their expectations and standards.


Yodel is sincerely sorry for any disruption and inconvenience that may have been caused to clients and customers alike.”

Related: It Doesn’t Pay to Pay: Study Finds Eighty Percent of Ransomware Victims Attacked Again

Related: Healthcare Technology Provider Omnicell Discloses Ransomware Attack

Related: Cyberattack Causes Disruptions at Car Rental Giant Sixt

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Artificial Intelligence

The degree of danger that may be introduced when adversaries start to use AI as an effective weapon of attack rather than a tool...