A June 27 global malware incident may have impacted Mondelez International’s business to the tune of $100 million.
In its third quarter financial report, released Oct. 30, the global snack company noted “incremental expenses of $47 million as a result of the incident in the three months and $54 million in the nine months ended September 30, 2017.” While those figures may not be additive, a number of published reports put the company’s total cost at $100 million or more.
At the time of the ransomware attack, Mondelez reported a computer outage across its global operations. “Given the timing of this significant global attack, despite our best efforts, we experienced disruption in our ability to ship and invoice during the last four days of our second quarter. There are a few markets where we have permanently lost some of that revenue due to holiday feature timing, but we expect we will be able to recognize the majority of these delayed shipments in our third quarter results.”
Back to the third quarter report: “The malware affected a significant portion of the company’s global sales, distribution and financial networks... the company executed business continuity and contingency plans to contain the impact and minimize the damages and restore its systems environment.”
The cyber attack has been called alternately a variant of Petya, a known ransomware, or a new ransomware that Kaspersky Lab dubbed ExPetr. Reports say the bug locks a computer and then demands a $300 ransom to be paid in Bitcoins.
Whatever the name, it arrived a month after the WannaCry ransomeware also made headlines around the world, affecting 230,000 computers in some 150 countries. Especially hard hit were United Kingdom's National Health Service, which forced it to run some services on an emergency-only basis, and Spain's Telefónica, FedEx and Deutsche Bahn (national railway system).
“The company does not expect, nor to date has it found, any instances of company or personal data released externally,” Mondelez’s the third quarter report continued. “The company restored its main operating systems and processes and continues to further enhance the security of its systems.”