5 Companies That Had A Rough Week

The Week Ending March 10

Topping this week's roundup of companies that had a rough week is Lenovo, whose storage system strategy took a hit from this week's Hewlett Packard Enterprise deal to acquire flash storage company Nimble Storage.

Also making the list this week were IBM, which was sued this week by the state of Pennsylvania for allegedly failing to complete a major IT project; Confide, which discovered that its messaging application wasn't as secure as advertised; a connected device maker that had to scramble to fix a security vulnerability; and AT&T, which faces an FCC investigation because of a failure of its 911 service.

Not everyone in the IT industry was having a rough go of it this week. For a rundown of companies that made smart decisions, executed savvy strategic moves – or just had good luck – check out this week's Five Companies That Came To Win roundup.

Lenovo's Storage Strategy Takes A Hit From HPE's Acquisition Of Nimble

Hewlett Packard Enterprise's $1 billion deal to acquire Nimble Storage this week isn't a win-win for everybody. It effectively ends Lenovo's relationship with the flash technology startup, leaving the China-based data center system company without a key partner as it forges ahead with plans to introduce all-flash storage systems this year.

Customers often want a one-stop shop for their data center needs, but Lenovo's storage system offerings aren't as extensive as those of its competitors, weakening its position in the data center system marketplace. Lenovo, in a bid to step up its storage product portfolio, had a deal with Nimble to utilize its technology in its upcoming ThinkAgile converged infrastructure system.

Lenovo has already been hit hard by the slowdown in PC sales, and its fourth-quarter server sales were down nearly 17 percent year over year, cutting its share of that important market to 6.4 percent. HPE's Nimble acquisition will only add to Lenovo's challenges.

Pennsylvania Sues IBM, Claims Big Blue Failed To Deliver On Unemployment System Contract

IBM found itself on the wrong end of a lawsuit this week when the governor of Pennsylvania sued the company, claiming it failed to deliver on a 2006 contract to replace the state's outdated system for processing unemployment claims, according to an AP story published on the U.S. News and World Report website.

The lawsuit said IBM was paid $170 million, but failed to complete the project by the time the state let the contract expire in 2013. At that point, the project was nearly four years behind schedule and $60 million over budget, the lawsuit states.

The lawsuit, which seeks undisclosed damages, says that turnover and reassignment of key IBM personnel hampered the project while it pushed to get parts of it that had defects declared complete, according to the AP story.

IBM issued a statement saying the lawsuit had no merit and intended to fight it, according to the story.

Confide Messaging App Was Not As Secure As It Claimed, Security Analyst Firm Says

Confide, developer of a messaging application that promised military-grade encryption on mobile devices, scrambled to fix a number of vulnerabilities in the application that a security analyst firm said allowed hackers to impersonate legitimate contacts, steal contact information, and change the content in messages and attachments while in transit.

Confide, which some call SnapChat for business because of its disappearing messages, is reportedly popular among White House staffers. But this week IOActive, a cybersecurity analyst firm, issued a security advisory highlighting the "numerous security vulnerabilities" it discovered in the Confide application, according to an IOActive statement.

IOActive informed Confide of its findings before issuing the security advisory and a report on Wired.com said the vulnerabilities have been corrected. But the incident has left Confide users worried about what may have happened while their messages and data were exposed.

Connected Device Maker Scrambles To Fix Vulnerability

Dahua Technology USA rushed this week to fix a security vulnerability in some of the company's Internet-connected surveillance products, including DVRs and IP cameras.

In a statement Monday, the company said its engineering and security engineers were researching the problem and stressed that the vulnerability was not the result of a malicious attack. On Wednesday, the company said it had developed firmware updates to address the issue.

Independent researcher Bashis discovered the vulnerability over the weekend and went public with his finding, according to Dahua.

Security weaknesses in Internet-connected devices are considered a growing security threat. Such devices can be hijacked by attackers and used to launch distributed denial of service attacks.

FCC Investigating AT&T's 911 System Outage

The U.S. Federal Communications Commission is investigating why AT&T wireless subscribers in at least 10 states were unable to make emergency 911 calls for several hours on Wednesday.

A Reuters story quoted "a person briefed on the matter" as saying a software glitch apparently caused the outage.

The FCC issued a statement, quoting chairman Ajit Pai, saying that every 911 call "must go through" and added: "I have directed commission staff to track down the root cause of this outage." Pai also said he had spoken directly with AT&T CEO Randall Stephenson about the incident.