French IT outsourcer Sopra Steria has been hit by a ransomware attack. While the company did not reveal the family of malware that infected its systems, local media speculate the involvement of the Ryuk ransomware.
Now the company estimates that a recent ransomware attack will have a financial impact ranging between €40 million ($48 million) and €50 million ($60 million).
In a new statement issued by Sopra Steria, the company confirmed that it has detected an attack involving the Ryuk ransomware on 21 October.
The internal cybersecurity staff rapidly blocked the threat and the measures implemented allowed the company to contain the virus to only a limited part of the Group’s infrastructure. They not identified any leaked data or damage caused to its customers’ information systems.
“The secure remediation plan launched Access has progressively been restored to workstations, R&D and production servers, and in-house tools and applications. Customer connections have also been gradually restored.”
The remediation and differing levels of unavailability of the various systems since 21 October is expected to have a gross negative impact on the operating margin of between €40 million and €50 million. The Group’s insurance coverage for cyber risks totals €30 million.
Sopra Steria expects to see negative organic revenue growth of between 4.5% and 5.0% (previously ‘between -2% and -4%’) for the financial year 2020. The company also estimates an operating margin on business activity of around 6.5% (previously ‘between 6% and 7%’), and free cash flow of between €50 million and €100 million