NotPetya cyber attack on TNT Express cost FedEx $300m

Falling victim to global ransomware attack "posed significant operational challenges", the company says in its latest financial report.
Written by Danny Palmer, Senior Writer

Falling victim to Petya is estimated to have cost FedEx $300m.

Image: TNT Express

Falling victim to the Petya cyber attack cost FedEx around $300m during the last quarter of the financial year, the company has revealed in its latest earnings report.

Operations of FedEx's TNT Express unit in Europe were disrupted by the attack and the company previously warned that the financial cost of the incident was likely to be significant. But now, with the publication of its first quarter earnings FedEx has revealed the cost of falling victim to Petya to be an estimated $300 million in lost earnings.

"The impact of the cyberattack on TNT Express and lower-than-expected results at FedEx Ground reduced our first quarter earnings," said Alan Graf, FedEx chief financial officer. "We are currently executing plans to mitigate the full-year impact of these issues."

Combed with the impact of Hurricaine Harvey, the cyber attack "posed significant operational challenges" said Fred Smith, FedEx chairman and chief executive officer.

While no data breach or data loss occurred as a result of Petya, the company previously warned that it may not be able to recover all of the systems affected by the cyber attack.

"The worldwide operations of TNT Express were significantly affected during the first quarter by the June 27 NotPetya cyberattack. Most TNT Express services resumed during the quarter and substantially all TNT Express critical operational systems have been restored. However, TNT Express volume, revenue and profit still remain below previous levels," the company said.

FedEx was one of a number of high-profile victims of the Petya malware epidemic, which originated in Ukraine but spread to bring down IT systems around the world.

Danish transport and logistics conglomerate Maersk - the world's largest container ship and supply vessel operator - has already revealed how the attack is set to cost it up to $300m.

Reckitt Benckiser -- the company behind Dettol cleaning products, the Nurofen painkiller, Durex condoms and more -- has also predicted £100m in lost revenue as a result of falling victim to the attack.

The global attack spread a version of the Petya ransomware modified with a leaked NSA exploit -- the same EternalBlue Windows flaw which spread WannaCry.

However, unlike WannaCry, researchers have suggested that those behind Petya weren't interested in charging ransoms, but rather in irrecoverably wiping data - although for what ends, it remains unknown.

In August, a 51-year-old Ukrainian national was arrested in connection to the attack.


    Editorial standards