A letter from our ceo

The Value of Team Spirit in Challenging Times

On Sunday I received a call no CEO wants to receive: “We have been subject to an extensive cyberattack.” Our Information Security Team was already assembled, and our Crisis Management Team was set up immediately. Since then, large teams have been working around the clock to contain the attack, keep business running and work to reestablish normal operations. We will continue to work this way until we are certain our systems are completely clean, safe and we can again deliver full services to all customers. I am very glad that we are already making progress on this.

In a technology company like TOMRA, this is a worst-case incident, putting the whole company through a stress test, and hampering us from delivering on our purpose to create a more sustainable world. We have worked for many years to make our services digital, and this remains a success factor for us as a company. But this attack is a reminder that we are vulnerable – just like any company with a digital service platform.

Everyone at TOMRA is impacted by this attack. We go to work every day to ensure we meet the needs of our customers. We have been able to keep a significant portion of our services available and have created many workarounds in the process however we cannot deliver our full quality to customers until all systems are back up and running again. As CEO I feel a strong responsibility towards both our customers and employees, and to the societies that rely on our services to work.

Thanks to the hard work of our teams, we have already reached some important milestones on our way towards recovery. We have started to establish an understanding of how the attack started, how it moved around in our systems, and some of the tools used. We have started to reconnect our reverse vending machines in many European markets on a new, cloud-based service. We have a way to go, but every step towards normal operations is important, and brings the quality level of our services closer to what our customers expect.

Being subject to such a large-scale attack also makes many people worried about information astray. That is an uncomfortable situation to be in. Employees, customers, and partners have all addressed this with us in the past days. I have made this very clear: If we find out that information has been compromised, we will be open with those affected. I hope we won’t have to make that call to anyone.

Some have asked if we were sufficiently prepared for this. We have increased efforts on cybersecurity and crisis management over the past years. Two years ago, we strengthened our information security work and established a separate team. I’m certain many lessons will be learned from the review of this incident in order to provide more robust protection to our company however we have taken the risks associated with this cyberattack very seriously. In the past 12 months we have also increased efforts on emergency preparedness, and we recently started a program to ensure all senior management have crisis management training. This has ensured that we met this incident with a team that included many people with recent training, allowing us to work in a structured and efficient way from the moment the alarm went off.

I would like to thank our customers, who have been understanding and patient as we do everything we can to return to the high service standards that they are accustomed to receiving from TOMRA.

I want to extend a heartfelt appreciation to all our employees. I am hugely impressed by the competence, the attitude, and the resilience the TOMRA team is showing through this challenging time. Everyone involved is working around the clock to make sure our customers get what they need, keep our services running and to resolve the problems caused by the attack, no questions asked. I am also grateful that we have supportive partners in, among others, Deloitte and Defendable, that during summer have been able to provide us with highly qualified personnel supporting our effort to get our services up and running again and to re-establish our digital services safely.

We are committed to ensure we come out of this as an even stronger company, delivering on our purpose of creating a more sustainable world. We will do everything we can do, and we are very grateful for the support we are receiving in this challenging situation. 

Tove Andersen, President and CEO