Postage company Pitney Bowes falls victim to ransomware

Global mailing and shipping company suffers from malware attack that encrypts systems and disrupts its work

Malware encrypted files and affected customers' access to mailing and shipping services. Pitney Bowes, a global mailing and shipping company, released a statement that informed about a ransomware attack that interfered with some of their systems. The attack also disabled customers' access as the client services and other corporate processes needed to be put offline.^[1] After encrypting information on the system, the malware also led the company to a partial system outage. However, according to the statement,^[2] there is no evidence that any customer or employee data has been accessed by hackers, at least yet.

In their System Update, Pitney Bowes officials answered some of the frequently asked questions and stated:

Our technical team is working to restore the affected systems, and it is working closely with third-party consultants to address this matter. We are considering all options to expedite this process and we appreciate our customers’ patience as we work toward a resolution.

The company is widely known as it provides services for more than 1.5 million clients across the world. The service allows sellers to mail their items easier and more efficient, so it has been actively used by Etsy and other marketplaces. However, even though there are mixed comments posted online, Pitney's shares rose by 1,4 percent on Monday, when the statement was released.^[3]

Services that got impacted are currently down

As it is known by now, the unknown ransomware entered the system via email or a different, undetermined vector and blocked the access to Your Account service. As a result, these systems were put down for clients. Clients are also unable to refill postage or upload transactions, use SendPro Online, and the service in Canada or the UK is also not working. Some users have already released their opinion about these issues on their social media and reported the disruption in delivery, returns, and general services in the global e-commerce division.^[4]

This is a partial outage, so the following features are still accessible:

• mailing machines can print if funds are available;
• SendPro C and P devices can print labels for shipping;
• SendPro Online in the U.S, SendPro Enterprise, SendSuite Live, SendSuite Express, SendSuite Tracking, and Sendsuite Tracking online, Relay Hub are operating normally.

The high-profile attack comes after the FBI warning reporting about ransomware targeting larger businesses

It is not known what ransomware in particular affected the system, but encryption-based threats are one of the most dangerous in the world of cybersecurity, especially when criminals behind the malware are money-motivated and targets large, profitable companies. This is the main issue that various cybersecurity experts and government investigation agencies report and note about. FBI issued a lengthy warning at the beginning of October.^[5]

Cryptovirus is a file-encryption based threat that demands payment for the possible recovery of the encoded data. Although there are no details about payment requirements and possibilities to recover data, the investigation is still ongoing. It is possible to hear from the global company after the final system recovery and third-party consultant analysis.

In the meantime, when security experts try to resolve the issue, people who cannot access the particular services can contact technical support people and visit www.pb.com/systemupdate from time to time, where all the details will become available once new evidence surfaces.