This article is more than 1 year old

FedEx: TNT NotPetya infection blew a $300m hole in our numbers

File-scrambling malware put a bomb under shipping giant's sales growth

FedEx has estimated this year's NotPetya ransomware outbreak cost it $300m in lost business and cleanup costs.

Most of the victims of June’s NotPetya epidemic were based in Ukraine, but several global corporations were also infected by the software nasty – including shipping giant Maersk, ad behemoth WPP, pharmaceutical beast Merck, and FedEx’s TNT Express division.

An update on TNT’s progress in restoring systems to normal as well as estimates of the financial toll taken by the outbreak came as the biz reported reduced earnings during the three months to August 31.

FedEx execs reckon systems will only be fully restored at the end of September, three months after the file-scrambling nasty romped through networks.

“Most TNT Express services resumed during the quarter and substantially all TNT Express critical operational systems have been restored,” FedEx said in a statement yesterday. “However, TNT Express volume, revenue and profit still remain below previous levels.”

“Operating results declined due to an estimated $300m impact from the cyberattack, which was partially offset by the benefits from revenue growth, lower incentive compensation accruals and ongoing cost management initiatives,” it added.

Everything you need to know about the Petya, er, NotPetya nasty trashing PCs worldwide


During a conference call with financial analysts on Tuesday, FedEx’s chief information officer Rob Carter explained that the delivery giant had traced the cyber-break-in back to an infected tax software update to its Ukrainian office.

By that, Carter means tainted updates of MeDoc, Ukraine’s most popular accounting software, which were silently poisoned with NotPetya by hackers. Once the upgrade was downloaded and installed by victims, the software nasty, hidden within the update, got to work scrambling documents across orghanizations.

Carter explained that the infection was extremely disruptive even though it didn’t expose any customer data. “This attack was the result of [a] nation state targeting Ukraine and companies that do business there,” he said, adding that the delivery firm was accelerating efforts to upgrade TNT legacy systems in hubs and depots worldwide.

The BBC reports that staff were faced with tens of thousands of unprocessed packages in the immediate aftermath of the ransomware instead of a “handful” of unsorted items.

FedEx’s chief operating officer David Bronczek defended the decision not to turn away business “despite being reduced to manual processes for pick-up, sort and delivery” in the immediate aftermath of the assault.

Other corporate victims of the NotPetya ransomware outbreak are also counting the cost. Maersk also estimates it is $300m out of pocket as a result of the outbreak. Reckitt Benckiser – the consumer goods firm behind the Dettol brand and Durex condoms – said the attack cost it £100m ($136m). ®

More about


Send us news

Other stories you might like