Engineering firm Weir hit by major ransomware attack

  • Published
Computer showing virius detectedImage source, Getty Images

One of Scotland's biggest engineering firms has been hit by a hack of its IT systems, costing it millions of pounds.

The ransomware attack on Glasgow-based Weir took place last month, forcing it to shut down some operations.

In a statement, the mining equipment firm said it had reacted quickly to the "sophisticated" attack, but had been forced to delay shipments worth more than £50m in revenue.

It estimated that the incident could cost it as much as £5m.

Weir said there was no evidence that any personal or other sensitive data had been "exfiltrated or encrypted".

It also reported that it had not made contact with the hackers and was continuing to liaise with regulators and "relevant intelligence services" over the incident.

'Sophisticated attack'

Chief executive Jon Stanton said: "We responded quickly and comprehensively to what was a sophisticated external attack on our business.

"The robust action to protect our infrastructure and data has led to significant temporary disruption but our teams have responded magnificently to this challenge and have managed to minimise the impact on our customers.

"We will continue to focus on the safe restoration of all our systems whilst strengthening our future resilience even further."

Image source, Weir Group
Image caption,
Weir said it had taken "robust action" to minimise the impact on customers

The company said it had taken a number of measures following the attack, such as isolating and shutting down IT systems, including engineering applications.

In its statement, it said: "These applications are now restored on a partial basis, and other applications are being brought back online in a progressive manner in order of business priority.

"The above actions have led to a number of ongoing but temporary disruptions including engineering, manufacturing and shipment re-phasing, which has resulted in revenue deferrals and overhead under-recoveries.

"Effective capabilities are being progressively restored in the coming weeks but the consequences of the operational disruption and associated inefficiencies are expected to continue into the fourth quarter."