Do you hear that? $95 million and counting
They are the biggest hearing aid manufacturer in the world, but what is believed to have been a ransomware attack on the 3 September has forced Danish manufacturer Demant to announce an $80-$95 million loss to its investors. That's after an anticipated payout of $14.6 million from the company's cyber security policy.
On 3 September, the company's website featured a statement saying that the company was shutting down its entire internal IT infrastructure following a "critical incident". The company has not elaborated beyond stating that the network was hit by 'cyber crime' but the nature of the problems and the length of the recovery time highlights that in all likelihood, this is a ransomware attack.
It is not believed that the losses come directly from the ransomware but from the costs associated with a halt in production, with only $7.3 million attributed to actually rebuilding the infrastructure - a fraction of the total losses. The incident halted the company's ERP system, production, distribution facilities and service sites in Poland and Mexico, its cochlear implants production sites in France, its amplifier production site in Denmark, and its entire Asia-Pacific network. All of this culminated in a delay in the company's ability to manufacture and supply products, as well as their ability to order supplies and receive those orders. It has even impacted the ability of the company's network clinics to support their clients and service their equipment.
Demant's ransomware is one of the largest known losses caused by a cyber-security incident, excluding those from the NotPetya ransomware outbreak which cost Maersk and FedEx over $300million each.