French IT services giant Sopra Steria said today in an official statement that the October Ryuk ransomware attack will lead to a loss of between €40 million and €50 million.
Sopra Steria is a European information technology firm with 46,000 employees in 25 countries providing a large array of IT services, including consulting, systems integration, and software development.
“The remediation and differing levels of unavailability of the various systems since 21 October is expected to have a gross negative impact on the operating margin of between €40 million and €50 million,” Sopra Steria said. “The Group’s insurance coverage for cyber risks totals €30 million.”
The October Ryuk attack
Sopra Steria published a statement on October 21st regarding a cyberattack that hit its network on the evening of October 20th but did not provide details on who was behind the attack.
However, from other sources familiar with the attack that the French IT services firm was hit by the Ryuk ransomware group who also encrypted the systems of Universal Health Services in September.
A week later, Sopra Steria confirmed in a statement that it was indeed a Ryuk attack using a new version of Ryuk ransomware.
“Moreover, it has also been established that the cyberattack was only launched a few days before it was detected,” Sopra Steria said.
No data leaked after the ransomware attack
The ransomware attack was blocked by Sopra Steria’s in-house security and IT teams which contained the ransomware to “a limited part of the Group’s infrastructure” thus protecting the company’s data, as well as its customers and partners.
“At this stage, Sopra Steria has not identified any leaked data or damage caused to its customers’ information systems,” Sopra Steria said.
The recovery process started by the company on October 26th is almost complete, with access restored to nearly all “workstations, R&D and production servers, and in-house tools and applications.”
“After including the items mentioned above, for financial year 2020 Sopra Steria expects to see negative organic revenue growth of between 4.5% and 5.0% (previously ‘between -2% and -4%’), an operating margin on business activity of around 6.5% (previously ‘between 6% and 7%’), and free cash flow of between €50 million and €100 million (previously ‘between €80m and €120m’),” the company added.
Cognizant, one of the largest IT managed services company in the world, also said it expected losses of between $50 million to $70 million following a Maze ransomware attack from April 2020.
Aluminum manufacturing giant Norsk Hydro said, one week after disclosing a LockerGoga ransomware attack that sent the company into partial manual mode operations, that the “preliminary estimated financial impact for the first full week” after the attack was in the NOK 300-350 million range (between $33 and $39 million).