The marcoms giant, whose PR agencies include Finsbury, H+K, Cohn & Wolfe and Ogilvy, said yesterday afternoon that it had been "affected by a suspected cyber attack".
The email from Sorrell, sent shortly after the above Tweet, said there was "no indication that either employee or client data has been compromised".
WPP's website, which was unavailable yesterday afternoon, is now back online.
Several employees of WPP-owned PR firms declined to comment on the matter when contacted yesterday.
A Twitter user who suggested that all computers at WPP's site in the Sea Containers building in London were showing a particular error message (see tweet below) was rebuked by an Ogilvy staffer. Other WPP staff posted about what they were doing with their new found free time, with their computers out of action.
I work in the Sea Containers building.— James Whatley (@Whatleydude) June 27, 2017
That is not on my screen.
The email from Sir Martin Sorrell to WPP staff
"As you will know, organisations around the world have been hit by a cyber attack. A number of WPP companies – though not all – have been affected.
"We are working with our IT partners and law enforcement agencies to assess the situation, take all precautionary steps and return to normal operations as soon as we can. At this time, we have no indication that either employee or client data has been compromised. As you would expect, our companies and teams are in contact with clients on an ongoing basis.
"Many of you will have experienced significant disruption to your work. However, contrary to some press reports, WPP and its companies are still very much open for business.
"We are a group packed full of highly creative, ingenious and dedicated people. I urge you all to put those qualities to use in making sure that what our clients experience in the hours and days ahead is as close to business as usual as we can possibly manage.
"The IT teams in all our companies affected, coordinated by the Group IT function, are working hard to balance the need to protect our systems and the need to bring them back online in a timely fashion. The approach and solution will vary from company to company. It is crucial that you give them your full cooperation and support, and follow their instructions."
UPDATE: A new statement was posted on Twitter shortly after publication of this story.
Other companies hit
Cyber attack update 09:06 CEST pic.twitter.com/kInQZz4Wyv— Maersk (@Maersk) June 28, 2017
The cyber attack could lead to serious consequences, however, due to the fact that the Company has switched to a reserve control system...— Rosneft (@RosneftEN) June 27, 2017
...neither oil production nor preparation processes were stopped.— Rosneft (@RosneftEN) June 27, 2017
DLA Piper statement on reported malware attack https://t.co/J1BQ4qQdXV— DLA Piper (@DLA_Piper) June 27, 2017
Our network is currently experiencing an IT outage. We're working to resolve the situation ASAP. https://t.co/hAvAexPeBi— Mondelez Intl (@MDLZ) June 27, 2017