XML 31 R12.htm IDEA: XBRL DOCUMENT v3.24.2.u1
CYBERATTACK
 12 Months Ended
Jun. 30, 2024
Unusual or Infrequent Items, or Both [Abstract]  
CYBERATTACK CYBERATTACK
On Monday, August 14, 2023, the Company disclosed it had identified unauthorized activity on some of its Information Technology (IT) systems. That activity began on Friday, August 11, 2023 and after becoming aware of it that evening, the Company immediately began taking steps to stop and remediate the activity. The Company also took certain systems offline and engaged third-party cybersecurity experts to support its investigation and recovery efforts. The Company implemented its business continuity plans, including manual ordering and processing procedures at a reduced rate of operations in order to continue servicing its customers. However, the incident resulted in wide-scale disruptions to the Company’s business operations throughout the remainder of the quarter ended September 30, 2023.
The impacts of these system disruptions included order processing delays and significant product outages, resulting in a negative impact on net sales and earnings. The Company has since transitioned back to automated order processing. The Company experienced lessening operational impacts in the second quarter and has since returned to normalized operations.
The Company incurred incremental costs, net of insurance recoveries, of approximately $29 in fiscal year 2024 as a result of the cyberattack. The Company recognized insurance recoveries of $30 in the fourth quarter of fiscal year 2024. The following table summarizes the recognition of costs, net of insurance recoveries, as reflected in the consolidated statements of earnings and comprehensive income for the fiscal year ended June 30:
2024
Costs of products sold
$17 
Selling and administrative expenses
12 
Total$29 
The costs incurred relate primarily to third-party consulting services, including IT recovery and forensic experts and other professional services incurred to investigate and remediate the attack, as well as incremental operating costs incurred from the resulting disruption to the Company’s business operations. The Company does not expect to incur significant costs related to the cyberattack in future periods. The timing of recognizing further insurance recoveries may differ from the timing of recognizing the associated expenses.