Cybercrime , Fraud Management & Cybercrime , Ransomware

Clorox Expects Double-Digit Sales Drop Following Cyberattack

Bleach Manufacturing Giant Spent $25M Cleaning Up Huge Cyberattack in Initial Weeks
Clorox Expects Double-Digit Sales Drop Following Cyberattack
Image: Shutterstock

Household cleaning product giant Clorox said Wednesday that an August cyberattack had taken a big swipe out of the bleach maker's sales and profits in the quarter that ended Sept. 30.

See Also: Value Drivers for an ASM Program

The Oakland, California-based manufacturer maker expects organic sales to drop between 21% and 26% due to widespread disruption, order processing delays and product outages after the August cyberattack. Clorox, maker of eponymous cleaning products as well as natural personal care Burt's Bees products and Hidden Valley Ranch, previously expected mid-single-digit organic sales growth in the quarter. The firm said shipment and consumption trends prior to the cyberattack had been in line with expectations.

In addition, Clorox expects to post a per share loss between $0.35 and $0.75 - or up to $0.40 per share on an adjusted basis - as the impact of the cyberattack more than offset the benefits of higher pricing, cost savings and supply chain optimization. Clorox said the impact of the cyberattack centered around short-term fixed costs such as lower cost absorption in the cost of products sold and operating expenses.

"The company expects to experience ongoing, but lessening, operational impacts in the second quarter as it makes progress in returning to normalized operations," Clorox said in a statement Wednesday. "The company also expects to begin to benefit for the restocking of retailer inventories as it ramps up fulfillment in the second quarter." The second quarter ends on Dec. 31.

Clorox's stock is down $7.25 - or 5.5% - to $124.58 per share in trading Thursday afternoon, which is the lowest the company's stock has traded since June 17, 2022. Since first disclosing the cyberattack on Aug. 14, Clorox's stock has dropped $35.59 per share, or 22.2% (see: Breach Roundup: Raccoon Stealer Makes a Comeback).

The High Cost of Cybercrime

The company expects to incur $25 million of costs related to the cyberattack - $19 million after tax - during the fiscal quarter ended Sept. 30. That'll take a $0.14 per share chunk out of Clorox's earnings for the most recent quarter. Those costs stem from using forensic experts, legal counsel and other IT professional services as well as high operating costs due to disrupted business operations.

Costs associated with ongoing cybersecurity monitoring and prevention as well as enhancements to Clorox's cybersecurity program are not included in this figure, according to the company. Clorox said the cyberattack costs are provided exclusive of any potential insurance recoveries since the timing of recognizing insurance recoveries may differ from the timing of recognizing expenses tied to the attack.

Clorox said it began the process of transitioning back to automated order processing Sept. 25, and the vast majority of orders now take place in an automated manner. Ramping up output and shipments has allowed Clorox to rebuild retailer inventories, and the company plans to ship above consumption levels as it works to restock retailer inventories over time (see: Breach Roundup: Effects of ISP Ransomware Attack in Colombia).

"The company believes the cybersecurity attack has been contained and the company is making progress in restoring its systems and operations," Clorox said in a statement Wednesday.

The threat group tied to recent attacks on Caesars Entertainment and MGM Resorts International is also believed to be behind the Clorox cyberattack, four people familiar with the situation told Bloomberg on Wednesday. The news organization said Scattered Spider is known for its social engineering tactics.

About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.