Tyler Technologies Lost $4 Million In Sales Due To Ransomware Attack
‘The security incident did impact our ability to deliver licenses and services during late September and into October,’ Tyler Technologies CEO H. Lynn Moore says.
Tyler Technologies said the ransomware attack on the company’s network last month caused a $4 million hit to sales, but it does appear that Tyler was able to keep the malware out of its other systems, CEO H. Lynn Moore told investors during an earnings call this week.
“The security incident did impact our ability to deliver licenses and services during late September and into October,” Moore said. “We currently estimate the impact to revenue was approximately $1.5 million in the third quarter and $2.5 million in the fourth quarter. We maintained cybersecurity insurance coverage in amount that we believe is adequate.”
The Plano, Texas-based solution provider has more than 15,000 state, local, and federal government customers that use its billing and data management solutions throughout the U.S. and around the world. The company announced in September that its internal systems were targeted by ransomware, which downed phone lines and took the company’s email offline.
“There has been no evidence of compromise in the separate and segregated environments where we host software for our clients,” Moore said. “And to date, there has been no evidence of malicious activity on client self-hosted systems related to this incident. From day one, we have been regularly communicating with our client community and have actively maintained an incident response page on our website. We encourage you to check for updates there as well.”
From the moment of the attack, Tyler’s own security team was assisted by cybersecurity vendors as well as law enforcement, Moore said. Notably, Mandiant FireEye was called in to help mitigate the damage.
“What we did was we immediately shut down all external points of entry,” Moore said. “So, that disrupted things like being able to conduct – we do a lot of services – support was disrupted. We weren‘t able to send e-mails with attachments for a while. And really that, again, that was just out of abundance of caution. So, it was really short term.”
He said while sales were disrupted in the days following the attack, he said there should not be a lingering effect on the pipeline. Moore did not provide a cost estimate for remediation efforts. Earlier this year, the massive solution provider Cognizant was hit with ransomware, in an attack that also took out some employees ability to send email. On a call with investors after the attack, that company’s CEO Brian Humphries said clean up costs could reach $50 million to $70 million, not including any possible litigation that results.
Tyler hardened its network security following the intrusion and Moore said it is working with law enforcement. “Tyler has also taken steps to supplement the existing multilayered security monitoring, scanning and antivirus protocols already in place,” he said. “We are committed to completing our full forensics investigation and taking all appropriate actions in response to our findings.”
Tyler’s third quarter revenue came in about $10 million higher with $285.7 million in sales in the quarter ended Sept. 30 compared to $275.4 million in 2019, a four percent increase. Net income was down about 1.1 million from a year ago to $39.2 million. Earnings per share were off 6-cents to $0.94 year-over-year.