The financial impact from a March 1 cyber-attack on CompuCom, a wholly-owned subsidiary of ODP Corporation, is expected to reach the $28 million range, the company said.
Following the incident, which resulted in some of the managed services provider’s systems being infected with malware, customer services and internal operations were suspended, but ODP now says that significant progress was made in restoring services.
Although no technical details on the incident were revealed, ODP claims that “the down time experienced and related impact due to the malware incident” will impact the revenue for March, with the financial results for the first fiscal quarter of 2021 likely impacted.
Thus, ODP estimates the loss of revenue to be between $5.0 million and $8.0 million, mainly the result of temporarily suspending services to certain customers.
Furthermore, the company expects expenses of up to $20 million associated with the incident, with approximately $10 million to be accrued during the first quarter of 2021.
These expenses, ODP says, are related to service restoration efforts and to addressing “certain other matters resulting from the incident.” Some of these expects might be covered by insurance, the company adds.
While delivery capabilities were substantially restored by March 17, the service delivery for all customers is only expected to be restored by the end of March 2021. CompuCom also took steps to harden the security of its systems.
ODP will provide further information on its first quarter financial performance during its first quarter earnings call, currently scheduled for May 5, 2021.