Customer Update – January 2, 2023


Dear Valued Customer,


During the past 24 hours, we have confirmed that all databases are complete and in good order. continue to run maintenance checks to verify all backup systems are working as intended. As of the moment, we have 93% of the infrastructure fixed and running and we are working with Citrix to connect.


I was hopeful that our applications would be back online for you Tuesday. I am sorry, but that will yet be possible. We are still testing basic functionality and will move to more detailed testing later evening to make sure the programs are working as intended.


I am so encouraged that no data was lost or damaged. Our teams are working as fast as possible to verify the applications are working properly. While I still do not have an absolute timeline, I am hoping Wednesday they will have made enough progress to put you back in business.


Please accept my apologies and appreciation for your understanding.


Deborah Ball, CEO


Cott Systems, Inc. | 2800 Corporate Exchange Dr., Ste.300 | Columbus, OH 43231

o) 800-588-2688 M-F 7am-6pm Eastern | f) 866-540-1072

Customer Update – January 1, 2023


Dear Valued Customer,


I am thankful it is a new year and we will soon be able to put the Christmas cyber invasion behind us and we know you are too. Today as we continue to systematically work through the forensic and remediation steps with our cyber security team, our findings and results are very positive. The teams have worked through validating more than 1/2 of our systems. Those are all functioning normally. In addition, are systematically validating hundreds of millions of images.


As our IT team works through the process, we are learning how long the validation phase is taking and how varied it can be depending on what is found. I am hopeful that we will be able to restore at partial functionality to your office very soon.


Tomorrow we will be busy testing to make sure our validated systems are “talking” to each other and functioning properly. In tomorrow’s communication, we will let you know what, if any, software is available on Tuesday.


I wish you a year of good health and good fortune in 2023.


Deborah Ball, CEO


Cott Systems, Inc. | 2800 Corporate Exchange Dr., Ste.300 | Columbus, OH 43231

o) 800-588-2688 M-F 7am-6pm Eastern | f) 866-540-1072

Customer Update – December 31, 2022


Dear Valued Customer,


Today we continue to systematically work through the forensic and remediation steps with our experienced cyber security team. They are working hand-in-hand with Cott IT staff to examine and validate data and systems. We have prioritized our offsite data center, and at this point, there is no evidence that customer data was taken from our hosted environment. Many of you have inquired whether your backups still exist. At this time, we see that they are all there and we are carefully working to examine them.


With our cyber security team, we are progressing through the validation of all systems and data Cott and our offsite data center. This activity will continue through the weekend. Each day we come closer to restoring your operation. Unfortunately, there are no shortcuts. We are all aware of how valuable this information is: it must be complete; it must be accurate. Validation will take time, and we will keep you updated.


I sincerely appreciate your patience and understanding while we proceed as fast as we can.


Deborah Ball, CEO


Cott Systems, Inc. | 2800 Corporate Exchange Dr., Ste.300 | Columbus, OH 43231

o) 800-588-2688 M-F 7am-6pm Eastern | f) 866-540-1072

Customer Update – December 30, 2022


Dear Valued Customer,


We continue working around the clock with third-party forensic and remediation specialists to help restore operations as quickly as possible. As of today, I can confirm that we are making good progress and I am encouraged. As previously mentioned, there are many people and steps involved. The steps we have completed with our specialists so far are going well and proving effective. Everyone involved will continue working through the holiday weekend. You will also continue to receive updates each

day. Please be assured that as soon as I am able to confirm a timeline for resolution, I will do so.


Please remember that we are unable to send or receive emails so please call Customer Support if wish to reach us.


I am truly so sorry for what has happened. I deeply appreciate your patience and understanding as we work through this critical situation.


Deborah Ball, CEO

Cott Systems, Inc. | 2800 Corporate Exchange Dr., Ste.300 | Columbus, OH 43231

o) 800-588-2688 M-F 7am-6pm Eastern | f) 866-540-1072

Customer Update – December 27, 2022


To all valued Cott customers,


We have an update on the status of our Hosted Services.


We are working with two outside cyber security firms to continue to investigate how potentially malicious files got to our infrastructure Christmas Day/night and we continue to work on fully containing them.


We were told by the cyber security experts that this particular Christmas Day incident happened to many companies on Sunday. As we continue to investigate, the required steps make it necessary to keep our systems isolated. We acknowledge that you will not be able to work and understand the impact that this has on your office. We are experiencing the same impact.


While we cannot yet provide a timeline for resolution, please know that we are pressing the cyber experts to move as quickly as possible. We will continue to communicate through these updates as more information becomes available. We will alert you immediately when our services are available. At the end of each day, we will give you a status report and let you know if our services will be available the next day. Thank you.


Deborah Ball, CEO


Cott Systems, Inc. | 2800 Corporate Exchange Dr., Ste.300 | Columbus, OH 43231

o) 800-588-2688 M-F 7am-6pm Eastern | f) 866-540-1072

IMPORTANT UPDATE


To all valued Cott customers,

 

As you know, on Monday, December 26, Cott Systems identified some unusual activity on our servers. In an abundance of caution, we disconnected all of our servers to isolate that activity within our environment. We then immediately engaged cyber specialists to investigate the event and they began a forensic analysis. It has been determined that Cott Systems is the victim of an organized cyber-attack.

 

We have notified the FBI. Both the FBI and Homeland Security have indicated that they are aware of, and have been investigating, this particular group of criminals who operate worldwide. We will be sharing information as we proceed. We are working 24 x 7 with the forensic specialists to review all affected systems. While this is being completed, they are also working with us to identify ways to securely rebuild processes and restore functionality.

 

There are many steps involved in the recovery from this cyber-attack. At this time, we are not able to give you a date when we will be fully operational or when connectivity and all of your services will be restored. You will be kept informed by a daily update.

 

Finally, we are working on methods for you to be able to continue to at least manually process transactions. These will be provided in additional communications once we work out the details.

 

Cott Systems exists to serve you. We acknowledge that time is of the essence and this is an emergency situation. Please accept our sincere apologies for the impact that this cyber-attack is having on your office.


Deborah Ball, CEO


Cott Systems, Inc. | 2800 Corporate Exchange Dr., Ste.300 | Columbus, OH 43231

o) 800-588-2688 M-F 7am-6pm Eastern | f) 866-540-1072
If you just opted in, you're consenting to receive marketing emails from: FNF, 601 Riverside Drive, Jacksonville, FL 32204. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact