Who's disrupted by the latest global cyberattack

Companies and organizations in the United States and elsewhere were affected.

— -- This week’s sophisticated cyberattack has disrupted companies and government agencies in the United States and elsewhere around the world, according to U.S. officials and private cybersecurity analysts.

The new and highly virulent strain of ransomware has paralyzed businesses across the globe, with Russia and Ukraine appearing to be the hardest hit.

The malware's origins remain unclear and cybersecurity researchers are still investigating. Many experts believe the malicious software started in Ukraine before spreading worldwide.

Here is a list of some of the companies and organizations that have reportedly been affected by the latest global cyberattack:

Danish shipping giant A.P. Moller-Maersk confirmed it was among the companies that were hit.

"IT systems are down across multiple sites and select business units," the company said in a statement on its website Wednesday. "We have contained the issue and are working on a technical recovery plan with key IT-partners and global cyber security agencies. We have shut down a number of systems to help contain the issue."

Maersk's port operator, APM Terminals, was also affected "in a number of ports" and freight forwarding service Damco "has limited access to certain systems," A.P. Moller-Maersk said.

The company's entities -- Maersk Oil, Maersk Drilling, Maersk Supply Services, Maersk Tankers, Maersk Training, Svitzer and MCI -- were not operationally affected as of Wednesday. Precautionary measures were taken to ensure continued operations, according to its statement.

Beiersdorf AG

“We have all emergency measures in place. We will make sure that we minimize the impact on our consumers, trade partners and customers," Beiersdorf said in a statement on its website Wednesday.

Boryspil International Airport

The main airport in Ukraine's capital of Kiev was hit by a "spam attack," director Yevhen Dykhne said in a post on Facebook Tuesday.

"It's a tough day at the airport today," he said. "In connection with the irregular situation, some flight delays are possible."

Evraz Plc

U.K. steelmaker Evraz said its IT systems were hit but the ransomware did not disrupt its output in Russia, according to Russian state-owned news agency RIA Novosti.

"We confirm our company's computer network was compromised today as part of global hack. Other organizations have also been affected," Merck & Co. tweeted Tuesday. "We are investigating the matter and will provide additional information as we learn more."

Mondelez International Inc.

Mondelez International, a U.S. multinational food company based in New Jersey, said it was still experiencing a "global IT outage" across all its networks Wednesday.

"We continue to work quickly to address the current global IT outage across Mondelez International and to contain any further exposure to our network," the company, which produces Oreos, said in a statement on its website. "At this time, we do not know when our systems will be restored but we appreciate everyone’s patience, understanding and partnership during this process."

National Bank of Ukraine

Ukraine's central bank, as well as a number of other unknown banks and financial firms in the country, was affected by Tuesday's ransomware outbreak, according to Yakiv Smolii, acting governor of the National Bank of Ukraine (NBU).

"The work of a number of banks, which was limited due to cyberattacks, is gradually being restored. The National Bank's electronic payment system (EPS) operates in a regular mode. The process of restoration of the work of affected banks in the EPS of the NBU continues," he said in a statement Thursday. "All processing centers of the country are working. Payment cards transactions are being carried out in a regular mode."

Reckitt Benckiser Group Plc

Reckitt Benckiser Group revealed it was among those hit by the cyberattack, calling the malware "highly potent." The British consumer goods company said it anticipates that "some markets will experience delays in shipping and invoicing."

It said in an updated statement on its website Wednesday, "It's being investigated by government agencies and the major security and technology firms, and there remains only a limited understanding of it and only one firm recommendation on how to cope with it.”


Russia’s top oil producer, Rosneft, confirmed in a series of tweets Tuesday and Wednesday that its servers were attacked by the "massive" ransomware, but its oil production and processes were not affected.

"The company works as usual. The situation is under control. It is premature to evaluate the cyberattack impact," the state-owned firm tweeted Wednesday.

Saint-Gobain SA

Saint-Gobain, a French construction materials company, said in a statement on Twitter Wednesday that it too fell victim to the cyberattack and was forced to isolate its computer systems to protect data.

The company's computer systems will remain isolated until the ransomware attack is resolved, though it added that "our production lines continue to operate and we remain serving our clients."

TNT Express

Netherlands-based shipping company TNT Express said in a statement on its website that it is "experiencing interference with some of our systems" after the global cyberattack.

"We have implemented operational contingencies to continue to complete collections from customers with scheduled stops," TNT Express said in its statement. "Customers may experience delays in the transit of shipments, particularly inter-continental or non-EU European delivery, as we work to remediate our systems."

Ukrainian Railways

Ukraine's state-owned railway said in a statement on Facebook Tuesday that its IT systems had been subject to a "massive hacker attack," but that its operations weren't affected.


WPP, the world's largest advertising company, said computer systems within "a number" of its agencies were affected by the ransomware attack.

"Our operations have not been uniformly affected, and issues are being addressed on a company-by-company basis. Many of our businesses are experiencing no or minimal disruption," the London-based company said in an updated statement on its website Wednesday. "Having taken steps to contain the attack, the priority now is to return to normal operations as soon as possible while protecting our systems."

ABC News' Pete Madden and Patrick Reevell contributed to this report.