Global ransomware attacks hit earnings

01 September 2017

Recent cyber incidents have taken their toll on corporate earnings, demonstrating the material impact of cyber attacks on business.

Interim results and corporate announcements in August have revealed the extent of business disruption and the financial impact caused by the two separate global ransomware attacks in May and June. 

FedEx said that the NotPetya ransomware attack in June is likely to negatively affect profits, news that sent its share price down 3%. The attack caused significant disruption at TNT, FedEx’s European logistics business, which had also been hit by the WannaCry ransomware virus in May. 

In a statement, FedEx said that TNT may not be able to fully restore all of the affected systems and recover all of the critical business data that was encrypted by the virus. The firm had to resort to manual processing of shipments as the backlog of undelivered parcels mounted. 

The company said that the financial impact of the attack was likely to be “material” and that disruption to services and invoicing had continued for several weeks after the initial attack. In particular, TNT experienced loss of revenue due to decreased volumes and costs associated with the implementation of contingency plans and the remediation of affected systems, it said in a statement. 

FedEx did not have insurance to cover the losses. 

Counting the cost

One of the world’s largest shipping companys also experienced significant business interruption from the NotPetya ransomware attack, which is expected to cost it an estimated USD 200 million to USD 300 million. The company said that its results in the second quarter and third quarter would be lower because of a temporary loss of revenue and that the attack had stopped the company from raising full year profit forecast beyond previous guidance. 

UK consumer goods company Reckitt Benckiser saw its share price fall after it said that revenues in the second quarter would be 2%, or USD 130 million, lower following the NotPetya ransomware attack. Reckitt said the attack had disrupted factory output and affected its ability to deliver and invoice some orders.

US medical technology provider Nuance said that it expected NotPetya to have a material effect on its financial results in the third and fourth quarters owing to the loss of healthcare transcription revenues and the inability to fulfil partner orders. 

Mondelez, the world’s second-largest confectionary company (and maker of Oreo cookies and owner of Cadbury) also reported lower sales as a result of NotPetya. It warned investors to expect a 3% drop in quarterly sales, blaming shipping and invoicing delays. 

Wider impact

The attacks in May and June are not the first to have impacted corporate earnings. The earnings and share prices of TalkTalk and Target were both impacted by data breaches, while data breaches at Yahoo complicated its acquisition by a US telecoms company. 

TalkTalk shares dropped by more than 10% when the breach was announced in October 2015, while the Target data breach in 2013 saw its quarterly profits cut by almost 50%. Earlier this year Yahoo, agreed a USD 350 million discount to the original USD 4.48 billion sale price with Verizon after the search engine revealed that it had suffered data breaches in 2013 and 2014 affecting more than one billion user accounts. 

Equity prices

Research from Oxford Economics has showed that a cyber attack can knock millions off company share prices. In a study of 65 severe breaches at listed companies, Oxford Economics estimated that companies hit by a major cyber attack will on average shed USD 150 million of market value and see their share prices fall by an average of 1.8%. 

A company share price can take a tumble following a cyber attack, but in many cases valuations recover over time. However, research from a Canadian equity analyst CIBC World Markets suggests that cyber attacks are likely to have a bigger impact on equity prices in the future. 
The study of five major cyber attacks on large companies found that stock prices dropped by an average of only 2.4% following a breach. The report suggests that equity analysts should start asking more questions around cyber security to better understand the implications of a data breach.

For further information, please contact Martin Delaney, Senior Vice President - Leader, Cyber and Risk Management Services at ClientFirst@jltcanada.com.