Evotec mitigates earnings expectations in wake of April cyberattack

Evotec mitigates earnings expectations in wake of April cyberattack

An April cyberattack has caused Evotec to revise downward its financial guidance and expectations from unpartnered R&D efforts.

The German biotech previously expected 820 million to 840 million euros ($900 million to $921.8 million) for 2023 group revenues, but the range has now been updated to 750 million to 790 million euros ($823 million to $867 million), according to a Thursday press release. Unpartnered R&D has been revised from 70 million to 80 million euros ($76.8 million to $87.8 million) while EBITDA has been pushed down from 115 million to 130 million euros ($126 million to $142.7 million) to 60 million to 80 million euros ($65.8 million to $87.8 million).

Evotec announced that systems had been taken offline by a cyberattack in April. This led to a drop in productivity throughout the entire second quarter, according to today’s update. Things started off well in the first quarter for Evotec, with revenues exceeding 210 million euros ($230.4 million) and 30% growth, showing that “underlying business dynamics in a challenging environment are intact,” according to the company.

Evotec had to take swift action in response to the attack, taking all external-facing systems offline to protect the company’s partners and “ensure that integrity of scientific data remained unaffected,” according to Thursday’s press release. Partners include Johnson & Johnson unit Janssen Pharmaceuticals, Takeda and Sanofi.

Operations were re-started at the end of April and productivity reached 50% in May, rising to 80% in June.

The company still expects to make 370 million euros ($406 million) in revenue this half, due in part to the nature of Evotec’s long-term collaborations. The company said part—but not all—of the missed 70 million euros ($76.8 million) should be possible to make up in the remaining half of the year.

Evotec spent about 25 million euros ($27.4 million) responding to the cyberattack, which are one-off costs. But the company plans to take other steps to bolster its IT infrastructure “to build a better, safer, and even more efficient organization for the future.”

Helping to mitigate the disruption are two partnerships with Sandoz and Bristol Myers Squibb, the company said.

Evotec’s cyberattack nightmare is a cautionary tale for other biopharmas. Eisai was hit with a ransomware attack in June and Novartis was a victim last year. A 2021 report from the U.S. government found that healthcare was the industry highest-hit by cyberattacks, accounting for nearly a quarter of events in 2020.

Share:
error: Content is protected !!