June 29, 2017 11:30 AM, EDT
FedEx’s TNT Unit ‘Significantly’ Affected by Cyberattack
Colin McPherson/Bloomberg News

FedEx Corp. said the worldwide operations and communications systems of its TNT Express unit in Europe have been “significantly” affected by a cyberattack, causing delays in deliveries.

Financial consequences of the disruption can’t be measured at this time but may be material, the shipping company said in a statement June 28. No data breach is known to have occurred at TNT, and no other FedEx companies have been affected. FedEx’s website carried the notation “not secure” and cautioned against entering sensitive information.

FedEx ranks No. 2 on the Transport Topics Top 100 list of the largest U.S. and Canadian for-hire carriers.

The courier commented as the cyberattack entered its second day, hitting businesses, port operators and government systems around the world, with companies struggling to retake control of their networks. FedEx first acknowledged that TNT had been affected June 27.

“I don’t think it would be a material impact, assuming this thing is remedied in a relatively expeditious manner,” said Jack Atkins, a Stephens Inc. analyst. “It certainly could be a public relations issue, especially as FedEx is looking to cross-sell its suite of services with TNT.”

Contingency plans and corrective steps “are being implemented as quickly as possible,” Memphis, Tenn.-based FedEx said in the statement. The company didn’t respond to a question about the website’s status.

Short-Term Effect

“The breadth of the attack is meaningful and is cause for concern,” with a short-term effect on the company’s results likely, Benjamin Hartford, a Robert W. Baird & Co. analyst, said in a note. But the lack of a data breach should limit the impact, he said.

FedEx, operator of the world’s largest cargo airline, acquired Dutch shipping company TNT Express in May 2016 to give it an expansive European network. TNT produced 12% of FedEx’s $60.3 billion in revenue during the fiscal year ended May 31 and 1.7% of its $5.04 billion in operating income.

The cyberattack began in Ukraine June 27, infecting computer networks and demanding $300 in cryptocurrency to unlock their systems. As of midday June 27 in North America, Kaspersky Lab analysts said about 2,000 users had been attacked.