Dive Brief:
- Okta plans to cut its workforce by 5%, eliminating jobs for about 300 employees, the company said Thursday.
- The company’s growth plan for fiscal year 2023, based on demand experienced in the previous year, “led us to overhire for the macroeconomic reality we’re in today,” CEO and Co-Founder Todd McKinnon said in an email to employees.
- McKinnon also blamed “execution challenges” the company confronted in the first half of the fiscal year.
Dive Insight:
Okta had a rough go on the cybersecurity front in 2022, culminating with a year-end theft of its source code repositories on GitHub. It was just one in a series of incidents that impacted its identity and access management platform last year.
Absent these cybersecurity incidents, it’s unclear what “execution challenges” McKinnon referenced in his note about the layoffs.
The company declined to answer Cybersecurity Dive’s questions on the matter, but pointed to its security action plan as evidence of the steps taken thus far to improve its security posture.
The company closed its FY-23 Q4 on Tuesday and financial results are scheduled to be released on March 1.
Revenue jumped 37% year over year to $481 million in FY-23 Q3, which ended on Oct. 31, 2022. It reported a net loss of $209 million, a slight improvement from the $221 million net loss it reported in the year-ago period.
CFO Brett Tighe, during the FY-23 Q3 earnings call, warned investors the macro economic environment for Okta “will get worse before getting better.” The company reduced hiring plans during the quarter and Tighe said all costs were under review after execution challenges resulted in “lower-than expected capacity build.”
Okta’s revenue has consistently grown on a year-over-year basis since it went public in 2017. The company has never reported a quarterly profit and quarterly losses hit a high of $243 million in FY-23 Q1. Annual losses jumped 218% to $848 million in FY-22, Okta’s last full-year report.
But the company’s customer base is growing. Okta reported 17,050 customers as of Oct. 31, 2022, a nearly 14% increase from the 15,000 customers it reported last January.
“A workforce reduction like this is the last thing I wanted to do, and I am truly sorry,” McKinnon said. “I wish I had responded sooner, but we’re doing the best we can today to adjust to this new reality.”
Cyberattacks and breaches could impact McKinnon’s stated goal “to further extend [Okta’s] position as the digital identity leader for all use cases.”
The company was breached by the extortion group Lapsus$ in early 2022, hit by a spree of phishing attacks in a months-long campaign dubbed Oktapus, and determined primary and secondary customer data was exposed as a result of the August phishing attack against Twilio.
The persistent phishing campaign that tricked some Okta customers into sharing their credentials with a threat actor on spoofed sites lends further credence to the need for a passwordless future, McKinnon said in an August earnings call.