ATLANTA - April 17, 2023 - On April 13, NCR determined that a single data center outage that is impacting some functionality for a subset of its commerce customers was caused by a cyber ransomware incident. Upon such determination, NCR immediately started contacting customers, enacted its cybersecurity protocol and engaged outside experts to contain the incident and begin the recovery process. The investigation into the incident includes NCR experts, external forensic cybersecurity experts and federal law enforcement.
We believe this incident is limited to specific functionality in Aloha cloud-based services and Counterpoint. At this time, our ongoing investigation also indicates that no customer systems or networks are involved. None of our ATM, digital banking, payments, or other retail products are processed at this data center.
While in-restaurant purchases and transactions continue to operate, affected customers have reduced capabilities on specific Aloha cloud-based and Counterpoint functionality that has impacted their ability to manage restaurant administrative functions. NCR is conducting concurrent efforts to establish alternative functionality for customers, fully restore impacted data and applications, and to enhance its cyber security protections.
This press release includes statements which may constitute forward-looking statements made pursuant to the safe harbor provisions of the Private Securities Litigation Reform Act of 1995, the accuracy of which are necessarily subject to risks, uncertainties, and assumptions as to future events that may not prove to be accurate. These statements include, but are not limited to, express or implied forward-looking statements relating to our expectations regarding our ability to contain and assess the ransomware incident and the impact of the ransomware incident on our operations and financial results. These statements are neither promises nor guarantees, but are subject to a variety of risks and uncertainties, many of which are beyond our control, which could cause actual results to differ materially from those contemplated in these forward-looking statements. Investors and others are cautioned not to place undue reliance on forward-looking statements. Factors that could cause actual results to differ materially from those expressed or implied include (i) the ongoing assessment of the ransomware incident, (ii) legal, reputational and financial risks resulting from the ransomware incident, (iii) the effectiveness of business continuity plans and cybersecurity risk management policies during the ransomware incident, (iv) the possibility that our ongoing investigation will produce materially adverse findings not known to us on the date hereof, (v) that any future, or still undetected, cybersecurity related incident, whether an attack, disruption, intrusion, denial of service, theft or other breach could result in unauthorized access to, or disclosure of, data, resulting in claims, costs and reputational harm that could negatively affect our operating or financial results and (vi) the other risks and uncertainties further described in the “Risk Factors” section of NCR’s most recent Annual Report on Form 10-K, as well as in NCR’s other reports filed with or furnished to the U.S. Securities and Exchange Commission, available at www.sec.gov. Forward-looking statements should be considered in light of these risks and uncertainties. These forward-looking statements speak only as of the date of this press release and NCR assumes no obligation to update any forward-looking statements as a result of new information or future events or developments, except as required by law.
About NCR Corporation
NCR Corporation (NYSE: NCR) is a leader in transforming, connecting and running technology platforms for self-directed banking, stores and restaurants. NCR is headquartered in Atlanta, Georgia, with 35,000 employees globally. NCR is a trademark of NCR Corporation in the United States and other countries.
NCR Media Contact