FedEx Corp. said information systems at its TNT delivery unit may not fully recover from a June cyberattack, reiterating that the incident will hit the company’s financial results.
The shares fell the most in two months after the courier said customers are still experiencing widespread service and invoicing delays. While TNT facilities are functioning, the company said it has been forced to rely on manual processes for a significant portion of their operations.
FedEx ranks No. 2 on the Transport Topics Top 100 list of the largest U.S. and Canadian for-hire carriers.
“We cannot yet estimate how long it will take to restore the systems that were impacted, and it is reasonably possible that TNT will be unable to fully restore all of the affected systems and recover all of the critical business data that was encrypted by the virus,” the Memphis, Tennessee-based courier said.
The damage to FedEx underscored the financial fallout from the June attack, in which the perpetrators demanded $300 in cryptocurrency to unlock infected computer networks. Unlike traditional forms of ransomware, the hack seemingly concentrated on crippling systems rather than obtaining payments. The email address posted on users’ locked screens, used by victims to receive decryption keys, was easily and swiftly shut down by the email provider.
FedEx fell 2.9% to $212.78 at 11:21 a.m. in New York, the fourth-sharpest decline in the S&P 500 Index. The Petya virus affected TNT through tax software used in Ukraine. Other operations haven’t been affected by the attack, said FedEx, owner of the world’s largest cargo airline. The company said it found no evidence of a data breach or information lost to third parties. It declined to discuss details beyond the statement.
FedEx acquired Dutch shipping company TNT Express for $4.8 billion in May 2016 to gain an extensive parcel delivery system in Europe and compete with market leaders United Parcel Service Inc. and Deutsche Post AG’s DHL. TNT primarily serves the industrial, automotive, high-tech and health-care industries.
FedEx is still evaluating the financial effect and said it didn’t have insurance in place that would cover the cyberattack. It is too soon to quantify lost revenue from decreased shipping volumes and other costs of putting contingency plans and repairs in place, the company said.
“Clearly material near intermediate-term impact to financials are expected,” Benjamin Hartford, an analyst at Robert W. Baird & Co., said in a note. “We take some solace that no data breach is known to have occurred, which should limit a longer-term lasting impact.”
FedEx was among companies affected by the WannaCry ransomware in May that affected an estimated 200,000 computers worldwide. That attack didn’t cause a material disruption to FedEx systems or result in material costs, the company said.