CompuCom Cyberattack Recovery Costs Hit $10 Million; MSP Up for Sale -

CompuCom spent $10 million to clean up a cyberattack that triggered a malware incident, and the MSP (managed IT services provider) remains up for sale amid shrinking revenues, parent ODP revealed in a Q1 2021 earnings statement today.

CompuCom disclosed the cyberattack in early March 2021. Later that month, parent ODP predicted that the attack would cost the MSP between $5 million and $8 million in lost revenue, and up to $20 million in cleanup costs.

CompuCom Financial Performance

Fast forward to May 2021, and CompuCom now pegs the cleanup costs at $10 million, and the overall MSP business is struggling.

For Q1 of 2021, CompuCom reported:

Sales of $196 million, down 17% compared to Q1 of 2020.

A $1 million operating loss in Q1 of 2021, compared to $3 million operating income in Q1 of 2020.

ODP says CompuCom's business was primarily related to "services volumes related to the COVID-19 outbreak and other factors, as well as lower billed service revenues as a result of the malware incident."

CompuCom Struggles Within Strong MSP, MSSP Markets

CompuCom's business struggles are in stark contrast to the world's Top 100 Vertical Market MSPs, Top 250 Public Cloud MSPs and Top 250 MSSPs -- the vast majority of which remained in growth mode during the coronavirus pandemic.

Parent ODP has been trying to sell off CompuCom since late 2020. Office Depot acquired CompuCom for $1 billion — a lofty 10 times earnings at the time— in October 2017. The IT services business unit has generated mixed performance under ODP’s ownership.