Palantir Technologies, the secretive Silicon Valley data analysis firm co-founded by Peter Thiel, has lost a marquee cybersecurity client, BuzzFeed News has learned, continuing a string of defections by corporate customers.
Home Depot, which hired Palantir after its major credit card hack in 2014, ended the relationship in December over concerns that Palantir’s services weren’t worth the price, according to two people familiar with the matter who spoke on the condition of anonymity. The retailer concluded that it could accomplish much of the same work on its own, one of the people said.
In addition, Home Depot was rankled when Palantir staff sought to drum up additional business in other parts of the company, on time paid for by the cybersecurity department, one of the people said.
The cancellation means one of the world’s largest retailers has joined a list of blue-chip companies that have stopped doing business with Palantir since 2015. Others, including Coca-Cola, American Express, and Nasdaq, also balked at Palantir’s price tag, BuzzFeed News reported last year, or raised doubts about its usefulness. Home Depot’s exit also illustrates how a metric called “bookings,” which Palantir uses to measure deal size — and which it has given out publicly when describing the size of its overall business — can fail to translate into actual revenue.
At the time it was signed, the Home Depot contract was considered Palantir’s biggest ever cybersecurity deal, and Palantir executives immediately started citing it in pitch conversations with potential new customers, according to internal emails reviewed by BuzzFeed News. Now, Palantir will end up collecting significantly less than the booking value it promoted internally, according to the emails and the people familiar with the matter.
If you have information or tips, you can contact this reporter over an encrypted chat service such as Signal or WhatsApp, at 310-617-1302. You can also send an encrypted email to firstname.lastname@example.org, using the PGP key found here.
Home Depot paid Palantir about $5 million a year, excluding cloud storage costs, during the two years of the relationship, according to someone with direct knowledge of the matter. But Palantir’s internal calculus appeared to reflect an expectation that the price would rise over time — and that the deal would last longer.
In one internal email from December 2014, when contract talks were held, Melody Hildebrandt, a senior Palantir executive, said the two sides had reached a five-and-a-half-year agreement, worth a total of $37.5 million in bookings. Later, in a January 2015 memo to staff, the total deal size was cited as $60 million. (Both emails described the deal as Palantir’s largest ever in cybersecurity.)
A Home Depot spokesperson told BuzzFeed News, “We aren’t going to publicly discuss our cybersecurity operations.” A Palantir spokesperson declined to comment.
Chaired by Thiel, the billionaire venture capitalist who is now advising President Donald Trump, Palantir works for government agencies and major corporations, making highly customized software to analyze and visualize data. Its work, by Silicon Valley standards, is labor-intensive, with teams of “forward deployed engineers” working onsite at client offices.
But Palantir, which started in 2004 and took early capital from the CIA, has generated considerable mystique in Washington and in corporate board rooms. It has garnered a $20 billion valuation, making it among the largest “unicorn” startups in Silicon Valley, and its CEO hinted last fall that it could soon pursue an IPO.
Though Palantir is not primarily a cybersecurity company, it has made cybersecurity an important part of its business development strategy. With a number of corporate customers, Palantir got its initial foothold through cybersecurity services, aiming to eventually add new data-crunching work to the customer’s tab.
Palantir even has a job category called “leverage,” which includes pushing customers to sign up for more of its services, according to former employees. As one former employee put it, “They try to find a specific problem the customer is trying to solve, and use that as a fishing expedition to leverage that into a bigger scope of work.”
At Home Depot — which once had the codename “Sherlock” inside Palantir — cybersecurity was supposed to be just the first service among many.
“The door is open for additional use case talks after we crush Q2 in cyber,” a Palantir business development engineer, Sam Jones, told colleagues in an April 2015 email.
Palantir’s relationship with Home Depot was forged during a crisis. With the retailer reeling in 2014 from one of the largest cyber attacks ever unleashed on a U.S. corporation, Palantir quickly delivered its expert analysis, calculating, for example, the scope of the attack — that 56 million credit or debit card accounts had been compromised. By early 2015, once the initial work had evolved into an annual contract, Palantir engineers were pursuing three different strategies to investigate abnormal activity on the Home Depot network, with detailed findings, a slide deck shows.
Around that time, Daniel Grider, Home Depot’s vice president of information technology, described the Silicon Valley data wranglers as “awesome,” according to a Palantir email. When Jamil Farshchi, Home Depot’s newly hired chief information security officer, raised questions about Palantir’s price, “Grider told him not to worry about that much and just let us do our thing,” Palantir’s Jones told colleagues in 2015.
By 2016, however, Home Depot had taken a dimmer view of Palantir’s services. When the company first threatened to cancel, Palantir offered to lower its price, a person familiar with the matter said. But by then the retailer had determined it could rely on its own employees for the work Palantir engineers were doing.
Palantir had kept close tabs on Home Depot, even discussing juicy tidbits about its leadership. Before Farshchi was hired, Palantir employees discussed Home Depot’s search for a chief information security officer and even cited the salary level of the position. (The source of this information, according to one internal email, was a Palantir employee’s significant other, who worked for a headhunting firm.)
At a Home Depot charity event in April 2015, "it became even more clear the level of respect the entire IT department has for Palantir and that we are also in the ‘inner circle,'" Jones told colleagues soon after. Over several days, Palantir employees joined Home Depot brass in building homes for military veterans, partying until the wee hours, and golfing at the Pinehurst resort in North Carolina.
The Palantir employees learned, via a presentation from a Home Depot executive, about the IT department’s goals for 2015 — useful information as Palantir sought to expand its role. They also accomplished some important schmoozing, Jones said: “We ticked some middle management off a few weeks ago escalating requests, and after drinking with a few of them we were invited to Austin to go hunting.”
Over drinks and cigars, the Palantir employees joined Home Depot executives for hold ‘em poker one night at a nearby condo. (They had to decamp to the condo because “North Carolina has some law about gambling and drinking in the same establishment,” Jones said.) Matt Carey, Home Depot’s executive vice president and chief information officer, was knocked out of the poker tournament three times by a Palantir employee, according to Jones.
“Matt joked with everyone else at our table how smart we were and that we were going to take everyone’s money,” Jones said.