One of the world’s biggest agency networks has fallen prey to a cyber attack, seen on a global scale. The attack was confirmed to Marketing by a WPP spokesperson. The spokesperson added that the group is currently assessing the situation and taking appropriate measures. The statement was also found on the company’s Twitter page.
— WPP (@WPP) June 27, 2017
UPDATE: In the latest statement issued by WPP, the company confirmed that on 27 June 2017, a number of WPP companies, "though not all", were affected by the ransomware attack that hit organisations around the world.
"We are working with our IT partners and law enforcement agencies to take all appropriate precautionary measures, restore services where they have been disrupted, and keep the impact on clients, partners and our people to a minimum," the statement read.
It added that the priority now is to return to normal operations as soon as possible while protecting the organisation's systems.
"Our operations have not been uniformly affected, and issues are being addressed on a company-by-company basis. Many of our businesses are experiencing no or minimal disruption," the statement said.
At the time of writing, a quick check by Marketing found the WPP website still down. In place of the website is a page which says that the web site is currently unavailable due to “important routine maintenance”. A link to WPP’s annual report and accounts for 2016 was also appended on the page.
According to a memo from WPP CEO Sir Martin Sorrell to its staff seen by Marketing, he said the company is "still very much open for business", see the full memo below:
"As you will know, organisations around the world have been hit by a cyber attack. A number of WPP companies – though not all – have been affected.
We are working with our IT partners and law enforcement agencies to assess the situation, take all precautionary steps and return to normal operations as soon as we can. At this time, we have no indication that either employee or client data has been compromised. As you would expect, our companies and teams are in contact with clients on an ongoing basis.
Many of you will have experienced significant disruption to your work. However, contrary to some press reports, WPP and its companies are still very much open for business.
We are a group packed full of highly creative, ingenious and dedicated people. I urge you all to put those qualities to use in making sure that what our clients experience in the hours and days ahead is as close to business as usual as we can possibly manage.
The IT teams in all our companies affected, coordinated by the Group IT function, are working hard to balance the need to protect our systems and the need to bring them back online in a timely fashion. The approach and solution will vary from company to company. It is crucial that you give them your full cooperation and support, and follow their instructions.
Sir Martin Sorrell"
According to Bloomberg, WPP employees have been told not to use Wi-Fi and switch off their computers according to a person familiar with the matter. Meanwhile, WPP offices located in London have been shut down. Images on Twitter showed screens demanding money to be paid in Bitcoin to unlock user files which had been encrypted.
The article added that the virus matches the profile of the recent "Petya" virus which hit companies located in Russia and Ukraine this week. When asked if WPP was hit by the "Petya" virus, a spokepserson said that the company is still currently assessing the situation.