On Friday, March 27, David C. Dobson, the chief executive officer of Epiq Global, convened a company-wide all-hands meeting. There would be pay cuts across the board, he told staff. But by making the pay cuts, he explained, the company would avoid layoffs.

Then, three days later, on Monday, March 30, the layoffs began. Some 200 employees were notified of their layoffs over the course of Monday and Tuesday. Later came another round of layoffs, for reductions said to total 400-500 employees across the company.

I first reported on these layoffs earlier this month. They followed a major ransomware attacked, also first reported on this blog, that forced Epiq to take its systems offline globally, in some cases for as long as a month.

Epiq has not responded to my requests to comment on the layoffs or to confirm the number of employees affected. Several sources with knowledge of the situation independently provided estimates of 400-500 employees.

At the March 27 all-hands meeting, which was one day after Epiq announced that all its systems were back online, Dobson told employees that the financial consequences of the ransomware attack, compounded by the coronavirus crisis, required the pay cuts.

Dobson said that he would personally take a 100% cut and that others in senior management would take a 25% cut. For all other employees, their pay would be reduced by 10-15%.

Later that day, some employees were similarly assured by their immediate managers that no one would be losing their job.

By Monday, that changed. Human resources staff began calling certain employees to tell them that their positions had been eliminated. On these calls, employees were told that the action was immediate, and at least some employees were locked out of their devices and accounts by the time the call was over.

One employee speculated that it was the double-whammy of the ransomware attack and the coronavirus that necessitated the layoffs. “The general impression we were given was that had we had just one or the other, we’d have been OK.”

While the ransomware attack initially forced Epiq to take its servers offline globally, a source familiar with the situation said the hardest hit portion of the company was its e-discovery business, where two of its U.S. servers were down for nearly a month and customers were unable to access their data.