The 27 largest U.S. companies reporting cyber attacks say they sustained no major financial losses, exposing a disconnect with federal officials who say billions of dollars in corporate secrets are being stolen.
MetLife Inc., Coca-Cola Co., and Honeywell International Inc. were among the 100 largest U.S. companies by revenue to disclose online attacks in recent filings with the Securities and Exchange Commission, according to data compiled by Bloomberg. Citigroup Inc. reported “limited losses” while the others said there was no material impact.
Decisions about material impact are made by companies, though SEC staffers may ask how they made those calls. Agency officials say the guidance is working. “We don’t think there is a need for a rule requirement at this time,” James Daly, SEC associate director, said in a phone interview.
ConocoPhillips, one of at least six major U.S. and European energy companies reported by Bloomberg to have been breached by China-based hackers beginning in 2009, said in its 2012 annual report no cyber breaches “had a material effect.”