FedEx's TNT Reels From June Cyberattack as Damage Lingers

  • Business’s IT systems may never fully recover from Petya hack
  • Courier says it doesn’t have insurance coverage for disruption

How to Manage Risk From Cyber Attacks

FedEx Corp.’s TNT unit is still slogging through some transactions by hand and information systems may never fully recover from a June cyberattack that is expected to deal a blow to earnings.

The shares fell the most in two months after the courier said customers continue to experience widespread service and invoicing delays. While TNT facilities are functioning, they have been forced to rely on manual processes for a significant portion of operations, FedEx said in a statement Monday.

“The biggest risk to FedEx is potential loss of market share,” said Kevin Sterling, a senior analyst at Seaport Global Holdings. “You’ve got to believe DHL and UPS are calling up customers” in Europe to lure them away from FedEx. “Customers like to track things, and they may not be able to.”

The difficulty could reduce FedEx’s earnings by 50 cents to $1 a share for the year through next May, Citigroup Inc. analyst Christian Wetherbee said in a note. That represents 4 percent to 7 percent of the $13.50 he estimated for earnings.

The FedEx statement underscored the fallout from the June attack, in which the perpetrators demanded $300 in cryptocurrency to unlock infected computer networks. Unlike traditional forms of ransomware, the hack appeared to focus on crippling systems rather than obtaining payments. The email address posted on users’ locked screens to receive decryption keys was swiftly shut down by the email provider.

Europe Initiative

FedEx acquired Dutch shipping company TNT Express for $4.8 billion last year to gain an extensive parcel delivery system in Europe and compete with United Parcel Service Inc. and Deutsche Post AG’s DHL.

“We cannot yet estimate how long it will take to restore the systems that were impacted, and it is reasonably possible that TNT will be unable to fully restore all of the affected systems and recover all of the critical business data that was encrypted by the virus,” said FedEx, which owns the world’s largest cargo airline. 

Read more: A QuickTake Q&A on how ransomware works

FedEx fell 1.7 percent to $215.27 at 2:21 p.m. in New York, after tumbling as much as 3.4 percent for the biggest intraday decline since May 17. Separately, medical-technology company Medtronic Plc fell the most in six months after its chief financial officer said that a computer crash unrelated to an attack would crimp quarterly sales.

Danish Shipper

Shipping company A.P. Moller-Maersk A/S, another victim of the cyberattack, told customers on its website that it would reactivate transport-plan notifications and cargo checklists starting Monday. The Danish company said last week that it was “steadily getting closer to business as normal.”

The Petya virus affected TNT through tax software used in the Ukraine. Other operations haven’t been affected by the attack, FedEx said. The Memphis, Tennessee-based company said it found no evidence of a data breach or information lost to third parties. FedEx declined to discuss details beyond the statement. TNT primarily serves the industrial, automotive, high-tech and health-care industries.

FedEx is still evaluating the financial effect and said it didn’t have insurance in place that would cover the cyberattack. It is too soon to quantify lost revenue from decreased shipping volumes and other costs of putting contingency plans and repairs in place, the company said.

“We take some solace that no data breach is known to have occurred, which should limit a longer-term lasting impact,” Benjamin Hartford, an analyst at Robert W. Baird & Co., said in a note.

FedEx was among companies affected by the WannaCry ransomware in May that affected an estimated 200,000 computers worldwide. That attack didn’t cause a material disruption to FedEx systems or result in material costs, the company said.

    Before it's here, it's on the Bloomberg Terminal.
    LEARN MORE