Royal Mail rejected an “absurd” ransom demand for $80m (£67m) from hackers linked to Russia, according to transcripts that offer a rare glimpse into negotiations when companies are hit by a ransomware cyberattack.
The delivery company has been battling a ransomware attack since January, when the LockBit group hacked into its software and blocked international shipments by encrypting files crucial to the company’s operations.
Chat transcripts released on the dark web, apparently by LockBit, show how the two sides traded blows in the negotiation that followed, with Royal Mail fending off increasingly aggressive demands that it was “time to pay”.
Nearly two weeks after the talks began, a LockBit hacker set a ransom of $80m, which they claimed was equal to 0.5% of the company’s revenue, in exchange for decrypting the files.
LockBit said this would cost less than the fine that Royal Mail could receive from the Information Commissioner’s Office, if it were to become public that the company had failed to protect its data.
Under EU data protection laws, retained after Brexit, companies can be fined up to 4% of their annual revenue if they lose personal data.
“As long as we haven’t published any of your files, you can’t be fined,” the LockBit hacker said.
“If you can negotiate with us, the government will be left without your $640m.”
Royal Mail’s negotiator pointed out that the hackers appeared to be confusing the parcel service’s revenue with the larger turnover reported by its parent company, International Distribution Services (IDS).
“All we have had is losses. Here, you can read about it yourself,” wrote the Royal Mail negotiator, sending a link to a Guardian article from October that warned of 10,000 potential job cuts and £450m of losses.
Read more on theguardian.com