A relatively unknown hacker group, Head Mare, claimed responsibility for a cyberattack that disrupted the operations of CDEK, a major Russian delivery company, for three days. They allegedly encrypted the company’s servers with ransomware and destroyed backup copies of its corporate systems. Despite the company attributing the disruption to a “massive technical failure,” an anonymous source within CDEK suggested it was a ransomware attack.
The attack prompted CDEK to suspend parcel shipments to prevent errors during manual processing. Although progress was made in restoring full operation by Monday, the company was not prepared to resume service. CDEK reassured customers that their parcels were safe and that efforts were underway to expedite delivery once operations were fully restored.
While CDEK did not officially attribute the disruption to a cyberattack, the head of the Russian State Duma committee on information policy later confirmed that the disruption was indeed caused by a cyberattack. Head Mare, the hacker group, claimed on social media that they exploited weaknesses in CDEK’s system administrators and security policies, boasting about their successful breach.
Despite the challenges, CDEK’s communications director expressed confidence in resuming operations no later than May 29, with backup plans in place. Customers expressed frustration over delayed parcel deliveries, highlighting the impact of the cyberattack on individuals relying on the company’s services.
