FedEx is bracing itself for the financial impact from last month's cyber attack at TNT Express whose business continues to be seriously impacted by the ransomware virus.
However, the Memphis-based package delivery giant reaffirmed its commitment to improve FedEx Express 'operating income by $1.2-$1.5 billion by FY2020.
It also warned of possible implications for the integration of TNT as a result of the attack.
At the end of last month, it announced that the worldwide operations of TNT had been significantly affected by the cyber attack known as Petya, which involved the spread of an information technology virus through a Ukrainian tax software product.
TNT operates in Ukraine and uses the software that was compromised, which allowed the virus to infiltrate TNT systems and encrypt its data. While TNT operations and communications were significantly affected, no data breach or data loss to third parties is known to have occurred to date.
FedEx implemented contingency plans immediately following the attack to recover TNT operations and communications systems.
The systems and data of all other FedEx companies are currently unaffected by the attack.
In a filing to the US Securities and Exchange Commission, yesterday, 17 July, the US package delivery giant disclosed more information about the attack, revealing that currently all TNT depots, hubs and facilities are operational and most TNT services are available, but customers are still experiencing widespread service and invoicing delays, and manual processes are being used to facilitate a significant portion of TNT operations and customer service functions.
“We cannot estimate when TNT services will be fully restored. Contingency plans that make use of both FedEx Express and TNT networks remain in place to minimize the impacts to customers. “
FedEx added that its information technology teams have been focused on the recovery of critical systems and continue to make progress in resuming full services and restoring critical systems.
“We are currently focused on restoring remaining operational systems, along with finance, back-office and secondary business systems. We cannot yet estimate how long it will take to restore the systems that were impacted, and it is reasonably possible that TNT will be unable to fully restore all of the affected systems and recover all of the critical business data that was encrypted by the virus.”
FedEx underlined that given the recent timing and magnitude of the attack, in addition to its initial focus on restoring TNT operations and customer service functions, it is still evaluating the financial impact of the attack, but it is likely that it will be material.
“We do not have cyber or other insurance in place that covers this attack. Although we cannot currently quantify the amounts, we have experienced loss of revenue due to decreased volumes at TNT and incremental costs associated with the implementation of contingency plans and the remediation of affected systems.”
It went on to warn of “additional consequences and risks associated with the cyber attack that could negatively impact our results of operations and financial condition.”
These include the loss of revenue resulting from the operational disruption immediately following the cyber-attack; loss of revenue or increased bad debt expense due to the inability to invoice properly; loss of revenue due to permanent customer loss; remediation costs to restore systems; increased operational costs due to contingency plans that remain in place; investments in enhanced systems in order to prevent future attacks and the cost of incentives offered to customers to restore confidence and maintain business relationships.
FedEx further warned that the cyber-attack could have an impact on the successful integration of the the businesses and operations of FedEx Express and TNT Express in the expected time frame which could adversely affect future results.
“Prior to FedEx’s acquisition of TNT Express in May 2016, FedEx Express and TNT Express operated as independent companies. There can be no assurances that these businesses can be integrated successfully.
“It is possible that the integration process could result in higher than expected integration costs, the loss of customers, the disruption of ongoing businesses, unexpected integration issues, or the loss of key historical FedEx Express or TNT Express employees. It is also possible that the overall integration process will take longer than currently anticipated.”
The filing continued: “All of these factors could dilute FedEx’s earnings per share, decrease or delay the expected accretive effect of the acquisition and negatively impact the price of FedEx’s common stock. In addition, at times the attention of certain members of our management may be focused on the integration of the businesses of FedEx Express and TNT Express and diverted from day-to-day business operations, which may disrupt our business.”
As to market reaction to FedEx's filing about the cyber attack, a report by Bloomberg quoted Kevin Sterling, a senior analyst at Seaport Global Holdings, who said: “The biggest risk to FedEx is potential loss of market share.
“You’ve got to believe DHL and UPS are calling up customers” in Europe to lure them away from FedEx. “Customers like to track things, and they may not be able to.”
