Davide Campari-Milano NV disclosed on Monday that following a ransomware attack on Sunday November 1, “selected services have been progressively resumed following their successful sanitization and the installation of extra security measures.”
The RagnarLocker gang ransomware group was threatening to release files it stole from Campari’s network if the company doesn’t pay its ransom demand in a week after the initial intrusion.
Campari said it detected the breach immediately and moved to isolate impacted systems. But in the wake of the attack, the websites for Campari and Campari Group were both down.
It also indicated that the incident is not expected to have any significant impact on its financial results.
Cyberhedge rated Campari a 2-Star on cyber governance long before the ransomware incident. Why is this significant? 1 and 2-Star rated companies are much more likely to experience financially damaging breaches than 4 and 5-Star rated peers. Investors that use Cyberhedge ratings were warned in advance of the increased likelihood of an event like this.
This is not a matter of whether a ransom was paid or not paid. Contrary to company statements and minimal financial impact, an operational disruption of several days will likely have a significant negative impact on financials for months to come and weigh on the company’s share price.
Some of the most significant ransomware attacks of the past 18 months (Honda, ISS World, Norsk Hydro, etc.) have resulted in an average −24% drop in share price 3-months post-breach.
Digital matters a lot to Campari. The company just told investors in its latest reporting that e-commerce sales have grown significantly since COVID-19 and its digital transformation has significant strategic relevance (Additional Financial Information 30 September). Evidence that the company appears to be not managing its digital technology well should be of concern to the C-suite, board and shareholders moving forward.
How the company recovers from this event and manages its digital transformation moving forward will be a difference maker in whether it outperforms or underperforms irrespective of renewed COVID-19 restrictions taking hold across Europe.