Cadbury owner Mondelez International and Durex-to-Enfamil infant formula group Reckitt Benckiser have said last week’s international cyber attack hit their sales.

Mondelez forecast the malware attack, said to have started in Ukraine and which spread around the world, would take three percentage points of growth from its second-quarter sales due to the disruption caused to shipping and invoices.

The US-based snacks giant said yesterday (6 July) it expects to incur “incremental one-time costs” from the incident in the second and third quarters but stuck to its forecast of growth of “at least one per cent” in its organic revenue this year.

UK-based consumer goods giant Reckitt Benckiser, which also counts brands from French’s mustard to Dettol bleach in its portfolio, said it expects the attack to hit its sales by GBP110m (US$142.4m) this year. Reckitt generated sales of GBP9.89bn in its last financial year.

Reckitt, which last month completed its acquisition of US infant formula maker Mead Johnson, forecast its second-quarter like-for-like sales would fall 2%. The company said the incident would trim one percentage point from its annual revenue.

Nevertheless, while Mondelez and Reckitt both said the “issue” had been “contained”, they admitted some parts of their businesses are still feeling the impact of the attack, which hit on 27 June.

Moreover, in their separate statements, both companies also said they were “still assessing the full financial impact” of the event.

“We believe the issue has been contained and a critical majority of the affected systems are up and running again,” Mondelez said. “We are still assessing the full financial impact of this event, in addition to performing our normal quarter-end financial close process. Based on our current assessment of the situation, our recovery progress, and the underlying trends in our business, we are reaffirming our full-year organic revenue growth outlook of “at least 1% growth”. We expect to incur incremental one-time costs in both our second and third quarters as a result of this issue but our underlying margin progress continues to be in line with our outlook of mid-16 percent for the full year.”

Mondelez’s factory in the Australian state of Tasmania was reported to have been hit by the cyber attack, with production halted on 27 June after the site’s IT system went down.

At the time of writing, Mondelez had not responded to a request from just-food for an update on the situation at the Tasmania plant.

Reckitt, which said Mead Johnson’s “systems have not been impacted by the attack”, said: “We believe this issue has now been materially contained, and we continue to work with our IT partners to resolve remaining outstanding items. However, the attack did disrupt the company’s ability to manufacture and distribute products to customers in multiple markets across the RB Group. Consequently, we were unable to ship and invoice some orders to customers prior to the close of the quarter.  Some of our factories are currently still not operating normally but plans are in place to return to full operation.”

Rakesh Kapoor, Reckitt’s chief executive, was quoted as saying the “force of this virus was very significant”.

“All the affected companies that we’ve been in touch with, are still impacted,” Kapoor said, according to The Financial Times. “We are dealing with something unknown to the world. No-one had a solution.”

just-food Blog: Cyber attack – another wake-up call for business