FedEx: TNT cyber attack caused revenue losses

FedEx filed its annual report for 2017 with the Securities and Exchange Commission. It included additional information about the recent cyber-attack on TNT.

On the 28th June, FedEx announced that the worldwide operations of TNT were ‘significantly affected’ by the Peyta cyber-attack. This involved the spread of a virus through a Ukrainian tax software product.

In an update statement, FedEx commented: “The systems and data of all other FedEx companies are currently unaffected by the attack. TNT operates in Ukraine and uses the software that was compromised, which allowed the virus to infiltrate TNT systems and encrypt its data”

While TNT operations and communications were affected significantly, there was no data breach or data loss to third parties known to have occurred, though investigations are ongoing.

FedEx said that at present, all TNT depots, hubs and facilities are operational and most of its services are available. However, “customers are still experiencing widespread service and invoicing delays, and manual processes are being used to facilitate a significant portion of TNT operations and customer service functions”.

The FedEx statement continued: “We cannot estimate when TNT services will be fully restored. Contingency plans that make use of both FedEx Express and TNT networks remain in place to minimize the impacts to customers.

“Our information technology teams have been focused on the recovery of critical systems and continue to make progress in resuming full services and restoring critical systems. We are currently focused on restoring remaining operational systems, along with finance, back-office and secondary business systems. We cannot yet estimate how long it will take to restore the systems that were impacted, and it is reasonably possible that TNT will be unable to fully restore all of the affected systems and recover all of the critical business data that was encrypted by the virus.”

The parent company then focused on how the attack could affect TNT’s income.

“We are still evaluating the financial impact of the attack, but it is likely that it will be material,” said FedEx. “We do not have cyber or other insurance in place that covers this attack. Although we cannot currently quantify the amounts, we have experienced loss of revenue due to decreased volumes at TNT and incremental costs associated with the implementation of contingency plans and the remediation of affected systems.

“Additional consequences and risks associated with the cyber-attack that could negatively impact our results of operations and financial condition are described in the corresponding risk factor included in the Management’s Discussion and Analysis section of our annual report on Form 10-K for fiscal year 2017, filed earlier today. In addition to financial consequences, the cyber-attack may materially impact our disclosure controls and procedures and internal control over financial reporting in future periods.”  
Subscribe to Newsletter