Hacker Leaks 144gb Of Royal Mail Group Data, Blames Supplier Spectos

Royal Mail Group, nan UK’s centuries-old postal institution, has allegedly suffered a monolithic information breach resulting successful nan leak of 144GB of soul files, customer information, and trading data. The breach was first made nationalist connected nan cybercrime forum Breach Forum by a personification known arsenic GHNA.

144GB of Leaked Data

As seen by nan Hackread.com investigation team, GHNA published a station connected Monday, March 31, 2025, stating: “Today, I person uploaded 144GB of information from Royal Mail Group for you to download (courtesy of Spectos, again). Thanks for reading, and enjoy!”

The station included a screenshot of what appears to beryllium a Zoom gathering signaling betwixt Royal Mail Group and Spectos, a German-based information analytics and capacity guidance firm.

Spectos has antecedently been mentioned successful relation pinch different leaks, raising questions astir whether nan vector for this onslaught was a nonstop discuss of Royal Mail’s infrastructure aliases a third-party breach involving vendors pinch heavy strategy access.

The alleged breach gave nan hacker entree to a wide scope of delicate data. The leaked archive contains 293 folders and 16,549 files, totaling 144GB. The exposed records include:

• Customer Personally Identifiable Information (PII): Names, afloat addresses, postal codes, and shipping details, including sender information for illustration business names and services used.

• Internal Communications: Video recordings of meetings, astir notably Zoom calls betwixt Spectos and Royal Mail staff.

• Operational Data: Delivery way datasets, station agency location information, and backend SQL databases.

• Marketing Infrastructure Data: Mailchimp mailing database exports showing subscriber metadata, run tags, and elaborate consent information.

Screenshot: Hackread.com

The Hacker: Who Is GHNA?

A person look astatine nan hacker’s activity reveals that they person been progressive connected Breach Forums since precocious 2024. GHNA has built a increasing estimation by leaking aliases trading entree to respective high-profile organizations crossed aggregate industries. Their posts include:

• Multi-billion dollar package firms and star manufacture players

• Samsung Electronics (Germany) – Leaked customer restitution summons data

• Touchworld Technology LLC and Liberty Latin America – Source codification repositories

• Access to American and European package companies, including CRM and staking platforms

• Crypto-focused targets, specified arsenic a staking institution and a casino (both verified, pinch 1 marked arsenic sold).

Several of these listings person been tagged arsenic “VERIFIED” by nan forum’s moderation team, and immoderate person already been sold, indicating that GHNA is not only gaining entree to delicate environments but actively monetizing them.

The Royal Mail Group breach appears to beryllium 1 of nan largest GHNA has published successful position of earthy information volume. However, nan assortment of their erstwhile listings suggests this is portion of a broader run aliases ongoing access-as-a-service operation.

Screenshot: Hackread.com

Third-Party Connection: Spectos In nan Spotlight

Spectos’ sanction appears aggregate times successful nan breach materials, including successful soul documents and recorded video calls. It is unclear whether Spectos was nan breach vector aliases simply progressive successful nan information Royal Mail was managing astatine nan time.

The hacker’s comment, “Courtesy of Spectos, again”, suggests that Spectos whitethorn person played a domiciled successful really nan information was accessed. Given nan magnitude and type of leaked content, it’s imaginable nan discuss happened done a shared system, an integration point, aliases wrong Spectos’ ain infrastructure.

Royal Mail has acknowledged nan situation. In an email to Hackread.com, nan institution stated, “We are alert of an incident which is alleged to person affected Spectos, a supplier of Royal Mail. We are moving pinch nan institution to analyse nan rumor and found what impact, if any, location whitethorn beryllium regarding their data.”

So far, Spectos has not released immoderate nationalist connection astir nan incident.

Past Breach: Royal Mail’s Security Challenges Continue

This incident is nan latest successful a bid of cybersecurity challenges faced by nan Royal Mail Group. In early 2023, nan institution was targeted by nan LockBit ransomware gang, causing awesome operational disruptions. That onslaught unopen down Royal Mail’s world parcel transportation systems for weeks and forced nan statement to rumor emergency contingency plans.

That earlier onslaught was tied to financially motivated ransomware operators. This time, there’s nary ransom demand, but nan breach mightiness constituent to a rising liking successful Royal Mail’s data, either from opportunistic hackers aliases those taking advantage of anemic links successful nan company’s vendor network.

Impact and Ongoing Analysis

While nan breach hasn’t been confirmed by Royal Mail directly, nan institution has acknowledged nan rumor done their vendor, Spectos. If nan information is genuine, it could person a wide impact. For customers, it intends their specifications are now retired there, which could lead to scams, spam, aliases moreover personality theft.

For Royal Mail Group, it puts much unit connected really they grip backstage information and who they spot to thief negociate it. And for regulators, it mightiness lead to much questions astir whether nan institution is doing capable to protect people’s information.

At nan clip of writing, nan investigation is ongoing, and nary further remark has been made by either Royal Mail aliases Spectos.