FedEx attributes $300 million loss to NotPetya ransomware attack

Photo by erikleenars/Flickr (CC BY 2.0)

Share

Written by

FedEx reported an estimated $300 million loss in its first quarter earnings report Tuesday, attributing the loss mostly to a computer virus that impacted the company’s operations across Europe in July.

The package delivery company’s Dutch subsidiary, TNT Express, was infected with the NotPetya ransomware virus in late June. NotPetya hit companies in Ukraine and soon spread to other countries. Much of TNT Express’s operations are based in Ukraine. The attack froze users’ computers, encrypted their files and demanded a ransom of $300 in bitcoin to regain access. 

Cybersecurity researchers found, however, that regardless of whether a victim paid the ransom for NotPetya, data on infected computers may be deleted.

While FedEx reported a $1.24 billion operating profit for the quarter, that came in about $300 million below what was expected due to the hack. The earnings report released Tuesday by FedEx notes that most of TNT’s services resumed after the attack and “substantially all” its critical operational systems are back up and running, but volume, revenue and profits were  negatively impacted.

The company is working to “rebuild the TNT technical environment to be more resilient,” according to excerpts from an earnings call provided by a FedEx spokesperson. Citing the call, the spokesperson said Fedex is currently working to restore “customer-specific specialized solutions and systems” and expects them to be fully operational again by the end of September.

The spokesperson added that TNT relies on its IT systems to function properly and that the company is overhauling much of it in order to bolster security.

“The recovery and restoration of TNT Express’s global operations and IT systems has included every facility, hub and depot,” an executive on the call said. “Many systems that were not impacted by the virus were also fortified and rebuilt to ensure additional focus on security.”

In sum, NotPetya resulted in an immediate 79 cent loss per share. The company also said 2 cents per share were lost as a result of Hurricane Harvey, which devastated Houston and other parts of southeastern Texas. First quarter earnings came in at $2.19 per share, down from $2.65 for 2017’s first quarter.

Executives said the company is working to restore its customers’ confidence and that much of the customer base has stuck with them in the past three months, despite the crippling nature of the July cyberattack.

Reuters reports that FedEx did not have cybersecurity insurance in place to insulate itself from the impact of NotPetya.

“As a result of this attack, FedEx is re-examining the cyber-insurance market to determine if there is coverage we can develop that would add protection for our company at a reasonable price,” an executive on the earnings call said Tuesday.

-In this Story-

breach, cyberattack, earnings report, FedEx, hack, NotPetya, Petya, public market, ransomware, stock market
Continue to CyberScoop.com