FedEx has included information in its annual financial report on the additional consequences and risks associated with the Petya cyberattack that affected its European subsidiary, TNT Express, on June 28, 2017.
The company has said that in addition to financial consequences, the cyberattack may materially impact its disclosure controls and procedures, as well as internal control over financial reporting in future periods.
The virus was spread through a Ukrainian tax software product used by TNT, which infiltrated the systems and encrypted the company’s data. FedEx has said that while TNT operations and communications were significantly affected, no data breach or data loss to third parties is known to have occurred.
A statement on the company website read, “Our information technology teams have been focused on the recovery of critical systems and continue to make progress in resuming full services and restoring critical systems.
“We are currently focused on restoring remaining operational systems, along with finance, back-office and secondary business systems. We cannot yet estimate how long it will take to restore the systems that were impacted, and it is reasonably possible that TNT will be unable to fully restore all of the affected systems and recover all of the critical business data that was encrypted by the virus.
“Given the recent timing and magnitude of the attack, in addition to our initial focus on restoring TNT operations and customer service functions, we are still evaluating the financial impact of the attack, but it is likely that it will be material. We do not have cyber or other insurance in place that covers this attack. Although we cannot currently quantify the amounts, we have experienced loss of revenue due to decreased volumes at TNT and incremental costs associated with the implementation of contingency plans and the remediation of affected systems.”
July 20, 2017