Cyber-Attack	3 Months Ended
Mar. 31, 2022
Extraordinary And Unusual Items [Abstract]
Cyber-Attack	Note 8. Cyber-Attack On February 20, 2022, management determined that the Company was the subject of a targeted cyber-attack. Upon discovering the incident, the Company shut down most of its connectivity, operating and accounting systems globally to manage the safety of its overall global systems environment, and initiated its cybersecurity incident response plan. The Company's security teams, supplemented by commercial cybersecurity experts and in collaboration with law enforcement, worked to remediate this cyber-attack. The Company undertook extensive efforts to identify, contain, eradicate and methodically recover from this attack as rapidly as possible. The Company had limited ability to conduct operations for a period of approximately three weeks including but not limited to arranging for shipments of freight or managing customs and distribution activities for its customers’ shipments and performing accounting functions. The Company’s teams worked to maintain its business operations and minimize the impact on its employees, customers and operating partners, including regulatory agencies. While the Company continues to navigate the residual effects and incorporate learnings from the cyber-attack, its core systems are now being utilized to deliver services. In the first quarter the Company incurred, as a result of its inability to timely process and move shipments through ports, approximately $40 million in incremental demurrage charges, where the Company has direct liability for this obligation. These costs are recorded in customs brokerage and other services expenses. Additionally, in the first quarter, the Company incurred investigation, recovery, and remediation expenses, including costs to recover its operational and accounting systems and to enhance cybersecurity protections. These costs are primarily comprised of various consulting services including cybersecurity experts, outside legal advisors, and other IT professional expenses. The Company also recorded estimated liabilities for potential shipment-related claims. Total amounts recorded for these items were approximately $20 million and are recorded in other operating expenses. The Company does not expect to incur significant capital expenditures as a result of the cyber-attack. The Company may incur additional expenses which could include third-party expenses, incremental information services costs, legal fees, or indemnities to customers or business partners. When the Company’s operating systems were down, many customers worked with other providers to meet their logistics needs, resulting in lower shipment volumes in the first quarter for which the financial impact on revenues and operating income cannot be quantified. Such costs and the ongoing impacts from the downtime caused by the cyber-attack could have a further material adverse impact on the Company’s business, revenues, expenses, results of operations, cash flows and reputation. The Company is unable to estimate the ultimate direct and indirect financial impacts of this cyber-attack.

Cyber-Attack

3 Months Ended

Mar. 31, 2022

Extraordinary And Unusual Items [Abstract]

Note 8. Cyber-Attack

On February 20, 2022, management determined that the Company was the subject of a targeted cyber-attack. Upon discovering the incident, the Company shut down most of its connectivity, operating and accounting systems globally to manage the safety of its overall global systems environment, and initiated its cybersecurity incident response plan. The Company's security teams, supplemented by commercial cybersecurity experts and in collaboration with law enforcement, worked to remediate this cyber-attack. The Company undertook extensive efforts to identify, contain, eradicate and methodically recover from this attack as rapidly as possible. The Company had limited ability to conduct operations for a period of approximately three weeks including but not limited to arranging for shipments of freight or managing customs and distribution activities for its customers’ shipments and performing accounting functions. The Company’s teams

worked to maintain its business operations and minimize the impact on its employees, customers and operating partners, including regulatory agencies. While the Company continues to navigate the residual effects and incorporate learnings from the cyber-attack, its core systems are now being utilized to deliver services.

In the first quarter the Company incurred, as a result of its inability to timely process and move shipments through ports, approximately $40 million in incremental demurrage charges, where the Company has direct liability for this obligation. These costs are recorded in customs brokerage and other services expenses.

Additionally, in the first quarter, the Company incurred investigation, recovery, and remediation expenses, including costs to recover its operational and accounting systems and to enhance cybersecurity protections. These costs are primarily comprised of various consulting services including cybersecurity experts, outside legal advisors, and other IT professional expenses. The Company also recorded estimated liabilities for potential shipment-related claims. Total amounts recorded for these items were approximately $20 million and are recorded in other operating expenses. The Company does not expect to incur significant capital expenditures as a result of the cyber-attack.

The Company may incur additional expenses which could include third-party expenses, incremental information services costs, legal fees, or indemnities to customers or business partners. When the Company’s operating systems were down, many customers worked with other providers to meet their logistics needs, resulting in lower shipment volumes in the first quarter for which the financial impact on revenues and operating income cannot be quantified. Such costs and the ongoing impacts from the downtime caused by the cyber-attack could have a further material adverse impact on the Company’s business, revenues, expenses, results of operations, cash flows and reputation. The Company is unable to estimate the ultimate direct and indirect financial impacts of this cyber-attack.