Global courier FedEx has valued the impact of June's NotPetya cyber-attack on its TNT Express subsidiary at $300m, mostly relating to lost revenues.
The cyber-attack happened on June 27th, hitting as many as 7,000 companies globally. It was distributed through Ukrainian accounting software called MeDoc, used for filing tax returns in the country.
The MeDoc software contained back doors into users’ networks that were used by the malware to enter via the software’s automatic update system.
FedEx reported the figure in its results for the three months to the end of August, a quarter which it referred to as 'operationally challenging' not only due to the cyber-attack but also because of the hurricane that recently caused major damage in Texas and Louisiana.
“The first quarter posed significant operational challenges due to the TNT Express cyber-attack and Hurricane Harvey, and I want to thank our team members for their extraordinary dedication and performance,” said Frederick Smith, chairman and CEO of FedEx.
The FedEx Express division, which includes TNT Express, managed to grow revenues in the quarter, compared with the same three-month period a year earlier. Revenues came in at $8.65 billion versus $8.46 billion a year earlier.
However, operating income fell from $610m to $433m between the two periods, while margins shrank from 7.2% to 5%.
Following the cyber-attack, most TNT Express services resumed during the quarter and substantially all TNT Express critical operational systems have been restored, according to the company.
“However, TNT Express volume, revenue and profit still remain below previous levels,” it added.
During a conference call with investors, Robert Carter, FedEx's CIO, said TNT's IT systems were near full recovery and that there was no loss of customer data to third parties from the attack.
The company’s management also said it was considering taking out some form of insurance that would cover these sort of events.
FedEx has lowered its fiscal 2018 full-year earnings forecast due to the estimated impacts of the attack.
FedEx officially completed its takeover of its European rival TNT Express in May last year. The buyout, which was worth around €4.4 billion ($5 billion), helped FedEx add a leading ground network distribution service for customers.
AP Moller-Maersk, another high-profile victim of June's cyber-attack, said in its most recent results report that it expected the cyber-attack to have cost it $200m-300m, of which the majority related to lost revenues in July. The shipping company said the malware had been ringfenced and only impacted on the container-related businesses of Maersk Line, APM Terminals and Damco, adding that no data breach or data loss to third parties had occurred.
