Mimecast To Lay Off 80 Workers Weeks After Disclosing Hack

Mimecast CEO Peter Bauer says cutting 4 percent of its workforce will help the company provide more resources to enterprises while leveraging automation and efficiency for mid-market and SMB customers.

Mimecast will eliminate 4 percent of its workforce just weeks after revealing the SolarWinds hackers compromised a certificate used to authenticate products to Microsoft 365.

The Lexington, Mass.-based email security vendor said cutting 80 of its roughly 1,800 positions will help Mimecast shift upmarket and provide more resources to larger enterprises while leveraging automation and efficiency for mid-market and SMB customers. Specifically, CEO Peter Bauer said Mimecast plans to expand and strengthen its enterprise team to give those clients a customized, higher-touch experience.

“It’s never easy to have colleagues depart, especially in an environment as tough as this one,” Bauer told investors during the company’s earnings call Wednesday. “And we did not make this decision lightly. However, we are confident that this is the right decision for the business and essential to being able to invest in the right areas and achieve our goals.”

[Related: Mimecast Breach Linked To SolarWinds Hack, Allowed Cloud Services Access]

Mimecast’s board of directors approved the restructuring plan Thursday, and the company plans to spent $3.7 million in its current fiscal quarter, which ends March 31, on severance and other one-time termination benefits for the laid off employees, according to a U.S. Securities and Exchange Commission (SEC) filing. The actions associated with the restructuring are expected to be finished by the end of June.

The company plans to reinvest some of the savings from the layoffs into hires into the enterprise space from reps and sales engineers to senior technical resources and customer support personnel, according to CFO Rafe Brown. In order to free up the resources to invest more in Mimecast’s key initiatives, Bauer said there are certain areas where the company’s going to be investing slightly less going forward.

“We’re digging deep to make sure we’re handling the small guys as efficiently as we can and building the systems and evolving the systems to serve them,” Brown said. “And [we’re] focusing more and more of those resources on those larger customers.”

Bauer additionally told investors that five Mimecast customers were targeted by the SolarWinds hackers after the company’s certificate was compromised. The threat actor accessed and potentially exfiltrated customer service account credentials that established a connection from their Mimecast tenants to on-premises and cloud services, the company disclosed Jan. 26.

As soon as Mimecast learned its certificate had been compromised, Bauer said the company began working with the handful of customers who were targeted on remediation measures. The number of Mimecast customers targeted by the SolarWinds hackers is a small fraction of roughly 3,810 firms – or 10 percent of the Mimecast’s customer base - who used the compromised connection to Microsoft 365.

“Our customers, and larger enterprises in particular, understand that this is an unfortunate reality of operating today, and have been highly collaborative with us throughout this process,” Bauer said. “We remain in close contact with them, but we believe that the steps we have taken to isolate and remediate the identified threat has been effective.”

For a couple of weeks after the compromise was announced, Mimecast’s entire employee base was devoted to helping customers through credential changes and being otherwise available to customers, Brown said. This did have a short-term impact on Mimecast’s pipeline generating activities in January, but Brown said that team is all back to their day jobs now. Mimecast first disclosed the hack Jan. 12.

The SolarWinds campaign really underlined for both Mimecast and its customers how significant a target the Office 365 environment is for adversaries, according to Bauer. The attacks have shown the need for additional independent specialist layers of security beyond Microsoft to help shore up and protect Office 365 so that businesses with a considerable dependency on Office 365 can feel secure.

“There’s a lot of things that one learns when one has an encounter with a sophisticated adversary like this,” Bauer said. “And certainly, we are going to absolutely indulge in all of those learnings and look at all of the opportunities we can extract from that to both develop products on our side as well as improve the robustness of Mimecast as an organization.”

Sales for the quarter ended Dec. 31 jumped to $129.6 million, up 17.7 percent from $110.2 million a year earlier. That beat Seeking Alpha’s revenue estimate of $126.7 million.

Net income skyrocketed to $10.8 million, or $0.16 per diluted share, up from $206, or $0.00 per diluted share, the year prior. On a non-GAAP basis, net income jumped to $21.5 million, or $0.33 per diluted share, up 145.6 percent from $8.8 million, or $0.14 per diluted share, the year prior. Seeking Alpha had been expecting non-GAAP earnings of $0.24 per diluted share.

Mimecast’s stock is down $1.78 (3.93 percent) to $43.49 per share in Wednesday morning trading. Earnings were announced before the market opened.

For the quarter ending March 31, Mimecast expects sales of between $130.5 million and $131.5 million, representing growth of between 11 percent and 12 percent on a constant currency basis. Adjusted earnings before interest, taxation, depreciation and amortization (EBITDA) is expected to be in the range of between $28.3 million to $29.3 million, according to Mimecast.