US wines and spirits company Brown-Forman suffered a ransomware attack this week. Though unconfirmed, REvil is believed to be responsible, a criminal enterprise which is also responsible for the Travelex attack that sent that company into administration. Per a company statement, “our quick actions upon discovering the attack prevented our systems from being encrypted.”
In a separate incident, Carnival Corporation, the largest cruise company in the world, warned customers and employees that their personal information may have been seized in a breach. The breach was reportedly detected over the weekend when hackers encrypted a portion of its information technology systems.
Little is known about the extent of the disruption within Brown-Forman, but one thing is clear: the most significant financial impact will result not from lost customer or employee data but from the disruption to the company’s operations. The near-term financial impact will likely include a loss of operating income stemming from issues such as the cost to repair the infrastructure and systems impacted. This will likely become more clear in the coming months, possibly at the time of the company’s Q3 earnings.
The Carnival breach could not have come at a worse time as the struggling company has reported record losses since services were suspended five months ago, and it was just set to relaunch services in Europe. Importantly, the breach should not come as a surprise to shareholders. Carnival reported a public breach of sensitive customer data as recently as last year.
According to an August 17th statement, the company, “does not believe the incident will have a material impact on its business, operations or financial results.” This is most certainly false. Simply look at the impact ransomware attacks have had on the operating income of companies just this year:
|Ex-post event||Economic loss as a % of operating income|
|Cognizant||Est. 9-13% pending earnings|
More will become known about the financial impact during Carnival’s Q3 earnings. But for both Carnival and Brown-Forman, it will come in multiple stages over the next several months. The costs will include the immediate financial hits followed by likely commitments by management to invest additional resources in security, with the aim of lowering the probability of another similar attack occurring in the future. Consider Cognizant CEO’s remarks during its July 29 earnings call in reference to its ransomware attack: “…we’ve also begun what we expect will be a multi-quarter initiative to refresh and strengthen our approach to security.” Unsurprising considering its breach was cited as a key reason for the company’s YoY quarterly revenue decline.