UNITED STATES
SECURITIES AND EXCHANGE COMMISSION
WASHINGTON, D.C. 20549
FORM
CURRENT REPORT
PURSUANT TO SECTION 13 OR 15(d)
OF THE SECURITIES EXCHANGE ACT OF 1934
Date of report (Date of earliest event reported):
(Exact name of registrant as specified in its charter)
| (State or other jurisdiction of incorporation) |
(Commission File Number) |
(I.R.S. Employer Identification Number) |
| |
||
| (Address of principal executive offices) | (Zip code) |
Registrant’s telephone number, including area code:
N/A
(Former name or former address, if changed since last report)
Check the appropriate box below if the Form 8-K filing is intended to simultaneously satisfy the filing obligation of the registrant under any of the following provisions:
| Written communications pursuant to Rule 425 under the Securities Act (17 CFR 230.425) |
| Soliciting material pursuant to Rule 14a-12 under the Exchange Act (17 CFR 240.14a-12) |
| Pre-commencement communications pursuant to Rule 14d-2(b) under the Exchange Act (17 CFR 240.14d-2(b)) |
| Pre-commencement communications pursuant to Rule 13e-4(c) under the Exchange Act (17 CFR 240.13e-4(c)) |
Securities registered pursuant to Section 12(b) of the Act:
| Title of each class |
Trading Symbol(s) |
Name of each exchange on which registered | ||
Indicate by check mark whether the registrant is an emerging growth company as defined in Rule 405 of the Securities Act of 1933 (§230.405 of this chapter) or Rule 12b-2 of the Securities Exchange Act of 1934 (§240.12b-2 of this chapter).
Emerging growth company
If an emerging growth company, indicate by check mark if the registrant has elected not to use the extended transition period for complying with any new or revised financial accounting standards provided pursuant to Section 13(a) of the Exchange Act. ☐
| Item 8.01 | Other Events. |
On April 17, 2023, NCR Corporation (“NCR” or “the Company”) issued a press release announcing that a single data center outage that is impacting some functionality for a subset of NCR’s commerce customers was caused by a cyber ransomware incident. A copy of that press release is filed as Exhibit 99.1 hereto and is incorporated herein by reference.
Forward-Looking Statements
This Current Report on Form 8-K includes statements which may constitute forward-looking statements made pursuant to the safe harbor provisions of the Private Securities Litigation Reform Act of 1995, the accuracy of which are necessarily subject to risks, uncertainties, and assumptions as to future events that may not prove to be accurate. These statements include, but are not limited to, express or implied forward-looking statements relating to our expectations regarding our ability to contain and assess the ransomware incident and the impact of the ransomware incident on our operations and financial results. These statements are neither promises nor guarantees, but are subject to a variety of risks and uncertainties, many of which are beyond our control, which could cause actual results to differ materially from those contemplated in these forward-looking statements. Investors and others are cautioned not to place undue reliance on forward-looking statements. Factors that could cause actual results to differ materially from those expressed or implied include (i) the ongoing assessment of the ransomware incident, (ii) legal, reputational and financial risks resulting from the ransomware incident, (iii) the effectiveness of business continuity plans and cybersecurity risk management policies during the ransomware incident, (iv) the possibility that our ongoing investigation will produce materially adverse findings not known to us on the date hereof, (v) that any future, or still undetected, cybersecurity related incident, whether an attack, disruption, intrusion, denial of service, theft or other breach could result in unauthorized access to, or disclosure of, data, resulting in claims, costs and reputational harm that could negatively affect our operating or financial results and (vi) the other risks and uncertainties further described in the “Risk Factors” section of NCR’s most recent Annual Report on Form 10-K, as well as in NCR’s other reports filed with or furnished to the U.S. Securities and Exchange Commission, available at www.sec.gov. Forward-looking statements should be considered in light of these risks and uncertainties. These forward-looking statements speak only as of the date of this Current Report on Form 8-K or as of the date to which they refer, and NCR assumes no obligation to update any forward-looking statements as a result of new information or future events or developments, except as required by law.
| Item 9.01. | Financial Statements and Exhibits. |
(d) Exhibits
| Exhibit |
Exhibit | |
| 99.1 | Press Release issued by the Company, dated April 17, 2023 | |
| 104 | Cover Page Interactive Data File (formatted as inline XBRL) | |
SIGNATURES
Pursuant to the requirements of the Securities Exchange Act of 1934, the registrant has duly caused this report to be signed on its behalf by the undersigned hereunto duly authorized.
| NCR CORPORATION | ||||||
| Date: April 17, 2023 | ||||||
| By: | /s/ James Bedore | |||||
| James M. Bedore | ||||||
| Executive Vice President, General Counsel and Secretary | ||||||
Exhibit 99.1
NCR Reports Cybersecurity Incident
ATLANTA– April 17, 2023 –
On April 13, NCR determined that a single data center outage that is impacting some functionality for a subset of its commerce customers was caused by a cyber ransomware incident. Upon such determination, NCR immediately started contacting customers, enacted its cybersecurity protocol and engaged outside experts to contain the incident and begin the recovery process. The investigation into the incident includes NCR experts, external forensic cybersecurity experts and federal law enforcement.
We believe this incident is limited to specific functionality in Aloha cloud-based services and Counterpoint. At this time, our ongoing investigation also indicates that no customer systems or networks are involved. None of our ATM, digital banking, payments, or other retail products are processed at this data center.
While in-restaurant purchases and transactions continue to operate, affected customers have reduced capabilities on specific Aloha cloud-based and Counterpoint functionality that has impacted their ability to manage restaurant administrative functions. NCR is conducting concurrent efforts to establish alternative functionality for customers, fully restore impacted data and applications, and to enhance its cyber security protections.
Forward-Looking Statements
This press release includes statements which may constitute forward-looking statements made pursuant to the safe harbor provisions of the Private Securities Litigation Reform Act of 1995, the accuracy of which are necessarily subject to risks, uncertainties, and assumptions as to future events that may not prove to be accurate. These statements include, but are not limited to, express or implied forward-looking statements relating to our expectations regarding our ability to contain and assess the ransomware incident and the impact of the ransomware incident on our operations and financial results. These statements are neither promises nor guarantees, but are subject to a variety of risks and uncertainties, many of which are beyond our control, which could cause actual results to differ materially from those contemplated in these forward-looking statements. Investors and others are cautioned not to place undue reliance on forward-looking statements. Factors that could cause actual results to differ materially from those expressed or implied include (i) the ongoing assessment of the ransomware incident, (ii) legal, reputational and financial risks resulting from the
1
ransomware incident, (iii) the effectiveness of business continuity plans and cybersecurity risk management policies during the ransomware incident, (iv) the possibility that our ongoing investigation will produce materially adverse findings not known to us on the date hereof, (v) that any future, or still undetected, cybersecurity related incident, whether an attack, disruption, intrusion, denial of service, theft or other breach could result in unauthorized access to, or disclosure of, data, resulting in claims, costs and reputational harm that could negatively affect our operating or financial results and (vi) the other risks and uncertainties further described in the “Risk Factors” section of NCR’s most recent Annual Report on Form 10-K, as well as in NCR’s other reports filed with or furnished to the U.S. Securities and Exchange Commission, available at www.sec.gov. Forward-looking statements should be considered in light of these risks and uncertainties. These forward-looking statements speak only as of the date of this press release and NCR assumes no obligation to update any forward-looking statements as a result of new information or future events or developments, except as required by law.
About NCR Corporation
NCR Corporation (NYSE: NCR) is a leader in transforming, connecting and running technology platforms for self-directed banking, stores and restaurants. NCR is headquartered in Atlanta, Georgia, with 35,000 employees globally. NCR is a trademark of NCR Corporation in the United States and other countries.
Web site: www.ncr.com
Twitter: @NCRCorporation
Facebook: www.facebook.com/ncrcorp
LinkedIn: www.linkedin.com/company/ncr-corporation
YouTube: www.youtube.com/user/ncrcorporation
NCR Media Contact
Scott Sykes
NCR Corporation
scott.sykes@ncr.com
2