Ukraine's state-owned postal operator, Ukrposhta, said on Thursday that its mobile application is experiencing temporary disruptions following an overnight "enemy" attack on the company's IT systems.

"Our specialists are already working to restore the service. We are doing everything we can to ensure you can return to using the app normally as soon as possible," Ukrposhta said.

The organization did not disclose who was behind the attack or whether any data had been compromised. It has not reported any disruptions beyond the mobile app outage and did not immediately respond to a request for additional comment.

Earlier this week, a pro-Russian hacktivist group calling itself the IT Army of Russia claimed responsibility for the attack. The group alleged it had breached Ukrposhta's infrastructure several weeks earlier, gained access to one of the company's servers and exfiltrated a database containing user information, along with other internal data.

Recorded Future News could not independently verify the group's claims.

Ukrposhta is Ukraine's national postal operator and one of the country's largest employers, with about 32,000 employees and more than 6,000 post offices nationwide.

The IT Army of Russia emerged in March 2025 and has since claimed responsibility for numerous cyberattacks targeting Ukrainian organizations. Security researchers have previously said the group uses cybercrime forums and Telegram to publish allegedly stolen data, recruit insiders within Ukraine's critical infrastructure, and solicit intelligence on Ukrainian military and civilian infrastructure for future attacks.

Ukrposhta has previously experienced cyber incidents. In 2024, the company said an attack on the IT infrastructure of one of its partners disrupted payment processing, customer accounts, and application programming interfaces (APIs), causing temporary delays in parcel deliveries.

Ukraine's largest private postal operator, Nova Poshta, has also reported repeated Russia-linked cyberattacks in recent years, including phishing campaigns and distributed denial-of-service attacks targeting its systems.