Hacker opens 2,732 PickPoint package lockers across Moscow

PickPoint says this is the world’s first targeted cyberattack against a post-gateway network

A mysterious hacker used a cyber-attack to force-open the doors of 2,732 package delivery lockers across Moscow.


The technology world has spent so much of the past two decades focused on innovation that security has often been an afterthought. Learn how and why it is finally changing.

The attack, which took place on Friday afternoon, December 4, targeted the network of PickPoint, a local delivery service that maintains a network of more than 8,000 package lockers across Moscow and Saint Petersburg.

Russians can order products online and choose to have any of their orders delivered to a PickPoint locker instead of their home address.

Once the package arrives, users receive an email or mobile notification, and they can show up and pick up their orders using the PickPoint app.

However, the same system that allows users to open lockers and retrieve their packages was attacked on Friday.

Using a yet-to-be-identified exploit, a mysterious hacker forced open the doors for a third of PickPoint’s lockers, leaving thousands of packages exposed to theft across Moscow.


The reason for the attack has yet to be discovered, but in press releases over the weekend, PickPoint said it notified authorities.

The Russian company said it is currently working to restore its network, which has been damaged during the attack.

It also remains unclear if packages were stolen from lockers. According to social media posts, guards and landlords were quick to intervene on Friday and restrict access to the obviously malfunctioning lockers.

As the company highlighted in a press release on Saturday, this appears to be “the world’s first targeted cyberattack against a post-gateway network.”