A cyber attack at Ardagh Group in May cost the company $34 million.

The glass and metal containers group had to shut down certain IT systems and applications used by the business on May 17 last. Ardagh said key systems were brought back online securely, and production at its manufacturing facilities continued to operate, though it did experience some shipping delays.

Ardagh said it has taken steps to further enhance the security of its IT systems including engaging leading industry specialists to conduct a forensic investigation.

In a trading update, the group said, "We believe that our existing information technology control environment is appropriately robust and consistent with industry standards. In addition to addressing any findings from these investigations and assessments, we are reviewing our information technology roadmap and accelerating planned IT investments to further improve the effectiveness of our information security."

Ardagh does not believe that its growth investment program has been impacted by the cyber attack. "We maintain appropriate insurance in respect of a wide range of risks, including in respect of IT incidents and expect to recover costs in respect of this incident."

Revenue at Ardagh Group in the second quarter increased by $268 million, or 17%, to $1,874 million, compared with $1,606 million in the second quarter of last year.
The increase in revenue was primarily driven by favorable volume/mix effects, which included an impact of the group's growth investment program, the pass through to customers of higher input costs, and favorable foreign currency translation effects of $77 million.

Adjusted EBITDA in the three months ended June 30, 2021 increased by $54 million, or 20%, to $325 million, compared with $271 million in the same period last year.
The increase was primarily driven by volume/mix growth in AMP and in Glass Packaging, including from the impact of the Group’s business growth investment program, lower Covid-19 related costs and favorable foreign currency translation effects of $15 million, partly offset by $15 milllion costs related to the cyber security incident indemnification to AMP.