Weir Group was in the red on Friday morning, after it announced that it was “managing the consequences” of a sophisticated attempted ransomware attack that took place in the second half of September.
The FTSE 250 company said its cybersecurity systems and controls responded quickly to the threat and took action, which included isolating and shutting down IT systems, including core enterprise resource planning (ERP) and engineering applications.
Those applications were now restored on a partial basis, and other applications were being brought back online in a progressive manner in order of business priority.
Weir said that had led to a number of ongoing but temporary disruptions, including engineering, manufacturing and shipment rephasing, which had resulted in revenue deferrals and overhead under-recoveries.
Effective capabilities were being progressively restored in the coming weeks, but the firm said the consequences of the operational disruption and associated inefficiencies were expected to continue into the fourth quarter.
“Our forensic investigation of the incident is continuing and so far, there is no evidence that any personal or other sensitive data has been exfiltrated or encrypted,” Weir said in its statement.
“We are continuing to liaise with regulators and relevant intelligence services.
“Weir confirms that neither it, nor anyone associated with Weir, have been in contact with the persons responsible for the cyber-attack.”
There had been no negative impact on orders in the third quarter, and the company said it was still expecting to deliver full year order growth in line with expectations, resulting in a strong order book as it headed into 2022.
As a result of the rephasing of shipments caused by the cybersecurity incident, the group said it experienced revenue deferrals of about £50m in September, alongside overhead under-recoveries in manufacturing and engineering.
While the bulk of the missed September revenue was expected to be shipped in the fourth quarter, it was likely that the temporary disruption to its end-to-end value chain would cause some slippage of fourth quarter revenues into 2022, together with some overhead under-recovery.
In order to reflect this incident, Weir updated its full-year guidance on Friday, with its full-year operating profit impact of fourth quarter revenue slippage expected to be between £10m and £20m, while the impact of overhead under-recoveries was expected to be between £10m and £15m.
“The majority of the impact is expected to be in the minerals division, due to its engineering and supply chain complexity relative to ESCO,” the directors explained.
“The direct costs of the cyber incident are expected to be up to £5m.
“As a result, the group now anticipates its full year PBTA will be in the range of £230m to £245m.”
At 1005 BST, shares in Weir Group were down 3.07% at 1,597p.
