5 Companies That Had A Rough Week
For the week ending Oct. 25, CRN looks at IT companies that were unfortunate, unsuccessful or just didn't make good decisions.
The Week Ending Oct. 25
Topping this week's roundup of those having a rough week is ServiceNow, whose CEO is leaving for another job and whose market capitalization took a really big hit. Also making the list is Amazon Web Services after two U.S. senators asked the Federal Trade Commission to investigate AWS because of alleged “defective” cloud services that were hacked earlier this year. Also on the list is Infosys, whose executives were the subject of a whistleblower complaint; VPN service provider NordVPN for having to explain a 2018 security breach in a third-party server; and Adobe, for scrambling to clean up after a database with information on 7.5 million subscribers was left exposed.
Not everyone in the IT industry was having a rough go of it this week. For a rundown of companies that made smart decisions, executed savvy strategic moves – or just had good luck – check out this week's Five Companies That Came To Win roundup.
ServiceNow CEO Leaves For Nike Job, Company Loses Billions In Market Cap
Cloud computing services provider ServiceNow lost billions of dollars in market cap value over the last week as the company’s CEO said he was leaving to take the top job at Nike and as some financial analysts expressed growing concern about the company’s value.
On Tuesday CEO John Donahoe (pictured), who has been ServiceNow’s CEO since April 2017, disclosed that he is leaving to take the top job at Nike. That caused the company’s stock to plunge more than 5 percent in after-hours trading, with the company losing $2.3 billion in market value by Wednesday afternoon.
Former SAP CEO Bill McDermott has been hired to replace Donahoe and he will take over the CEO position by the end of the year.
By midweek, ServiceNow’s market cap had fallen by more than $7 billion from the previous Friday. On Thursday, the company gained some of that back following a strong third-quarter financial results report, but the firm’s market cap for the week was still down more than $3.6 billion.
Senators Urge FTC Investigation Of ‘Defective’ AWS Cloud Services In Capital One Probe
U.S. Senators Elizabeth Warren and Ron Wyden are calling on the Federal Trade Commission to investigate whether Amazon Web Services’ alleged failure to secure its servers at the center of a Capital One hacking incident constitutes an unfair business practice and a violation of federal law.
The senators claim in a letter to the FTC that AWS “continues to sell defective services to businesses, government agencies and to the general public.”
The senators ask FTC chairman Joseph Simons to investigate whether AWS is culpable in the Capital One breach, revealed in July, in which a former Capital One employee gained access to personal data of 100 million U.S. credit card customers and applicants.
Infosys Executives Accused By Whistleblowers Of Hiding Damaging Figures
Whistleblowers inside IT services and consulting giant Infosys have accused the company’s CEO and CFO of misleading the Infosys board and shareholders about the company’s finances by withholding financial data to make the company’s financial performance appear better than it is.
The allegations are being investigated by the Infosys board’s Audit Committee in accordance with the company’s whistleblower policy. The information has also been provided to the U.S. Securities and Exchange Commission.
Reuters reported that the SEC has launched a probe into the allegations and that a class action lawsuit has been filed against Infosys in a U.S. federal court based on the complaints.
The whistleblowers specifically said they were told not to report costs associated with a number of large deals, including visa costs, that would reduce the contracts’ profitability.
NordVPN Scrambles To Respond To Data Center Breach
NordVPN, a popular virtual private network service provider, confirmed this week that it was the victim of a hack in 2018, but the company downplayed the scope of the security breach.
NordVPN, which touts its ability to protect subscribers’ online identity, this week said that a server in a third-party data center in Finland was compromised in March 2018. The server had been active for about a month and an attacker gained access to the server by exploiting an insecure remote management system left by the data center provider, according to a Techcrunch story.
In an online posting, NordVPN said it was not immediately made aware of the breach when evidence of it first appeared on March 5, 2018. The unsecured management account was deleted on March 20 and NordVPN learned of the incident in April.
NordVPN emphasized that only one server was affected, not the company’s entire service. The server has been destroyed, NordVPN has terminated its contract with the unnamed data center provider, and the company is conducting an “extensive audit” of its service.
NordVPN said no user credentials were affected and the intruder did not find any user activity logs because they do not exist.
Adobe Database Exposes Info On 7.5 Million Creative Cloud Users
Sticking with the topic of security breaches, Adobe had some explaining to do this week when it was revealed that a poorly secured database exposed information on 7.5 million Creative Cloud subscribers.
The Elasticsearch database was unsecured and was accessible by anyone without a password or other authentication, according to a Threatpost story. The database included such subscriber information as email addresses, account information and purchased Adobe products.
While the database did not include payment data, the exposed information could be used by hackers to launch phishing attacks.
The unsecured database was discovered by Comparitech and security researcher Bob Diachenko. Diachenko informed Adobe about the database on Oct. 19 and the database was secured that day, according to BleepingComputer.
Adobe Creative Cloud includes the software company’s popular Photoshop, Illustrator, Lightroom, InDesign, Premiere Pro, After Effects and Audition applications.