TNT Express warns of permanent data loss from NotPetya malware outbreak

TNT Express IT systems remain down almost a month after NotPetya outbreak

Courier company TNT Express has warned that it is still being affected by the NotPetya malware almost a month after it struck, and "cannot estimate when TNT services will be fully restored", according to a statement released by the company this week.

Furthermore, the company added that it may not be able to undo the damage and that it may have suffered permanent data loss.

"TNT operates in Ukraine and uses the software that was compromised, which allowed the virus to infiltrate TNT systems and encrypt its data. While TNT operations and communications were significantly affected, no data breach or data loss to third parties is known to have occurred," the company admitted in the statement.

The company added that while all of its physical infrastructure is operational, many of its IT systems remain down. Customers "are still experiencing widespread service and invoicing delays, and manual processes are being used to facilitate a significant portion of TNT operations and customer service functions".

It continued: "Our IT teams have been focused on the recovery of critical systems and continue to make progress in resuming full services and restoring critical systems. We are currently focused on restoring remaining operational systems, along with finance, back-office and secondary business systems.

"We cannot yet estimate how long it will take to restore the systems that were impacted, and it is reasonably possible that TNT will be unable to fully restore all of the affected systems and recover all of the critical business data that was encrypted by the virus."

The company added that it still has not been able to estimate the cost of the malware outbreak, but warned that "it is likely that it will be material". Furthermore, the company admitted, "we do not have cyber or other insurance in place that covers this attack", meaning that TNT and FedEx will bear the full cost.

"Although we cannot currently quantify the amounts, we have experienced loss of revenue due to decreased volumes at TNT and incremental costs associated with the implementation of contingency plans and the remediation of affected systems," the company also admitted.

FedEx only acquired Netherlands-based TNT, the world's fourth largest parcel delivery company, for $4.8bn in May 2016. Despite the warnings in this week's statement - including the admission that sales at TNT Express had been affected by the NotPetya outbreak, FedEx reaffirmed its profit targets for the group.

The NotPetya ransomware was propagated via the compromised infrastructure of a Ukrainian accounting software company used by as many as four-fifths of the organisations in the former Soviet republic. The malware made use of leaked US National Security Agency (NSA) exploits that had, according to analyses, been incorporated into the malware before the exploits were made publicly available.

Visitors to TNT's company's global website, meanwhile, are still being greeted with the following warning: "Like many other companies worldwide, we are experiencing interference with some of our systems within the TNT network. We are implementing remediation steps as quickly as possible to support customers who experience limited interruption in pick-up and delivery operations and tracking systems access."

Computing's DevOps Summit returns on 19 September. Attendance is free to qualifying IT leaders and other senior IT professionals, but places will go fast, so secure yours now.