5 Companies That Had A Rough Week

The Week Ending April 27

Topping this week's roundup of those having a rough week are Amazon and Google parent Alphabet, after a data error suspended trading of their shares on the New York Stock Exchange.

Also making the list this week are Apple for having to recall some MacBook Pro models for potential battery problems; Altaba (formerly Yahoo), which was fined $35 million this week for failing to disclose the massive security breach by hackers in 2014; Western Digital for reported file leakage problems with its My Cloud EX2 device; and Panera, which has been hit with a class action lawsuit over a reported security breach of the restaurant chain's IT system.

Not everyone in the IT industry was having a rough go of it this week. For a rundown of companies that made smart decisions, executed savvy strategic moves -- or just had good luck -- check out this week's 5 Companies That Came To Win roundup.

Data Error Results In Suspended NYSE Trading For Amazon, Alphabet

Trading of shares for tech giants Amazon and Google parent Alphabet were suspended on the New York Stock Exchange Wednesday.

The two companies were among five Nasdaq-listed stocks that were affected by what the NYSE called a "price scale code issue" in the middle of the trading day that resulted in the trading suspension. (The issue also halted trading for two energy companies and the holding company that owns booking sites Priceline and Kayak.)

While Amazon and Alphabet traditionally trade on the Nasdaq exchange, the NYSE allows Nasdaq stocks to be bought and sold on its New York City trading floor. Trading of Amazon and Alphabet on Nasdaq was not interrupted.

Apple Recalls Certain MacBook Pro Models For Battery Flaw

In another instance of battery woes at Apple, the company this week initiated a battery replacement program for certain 13-inch MacBook Pro laptops because the batteries are prone to expanding.

The recall affects models of the MacBook Pro that stem from the 2016 redesign – but only involves entry-level models that don't feature the Touch bar, the touch-sensitive strip that replaced the row of function keys.

In a web page for the recall program, Apple said "a component may fail causing the built-in battery to expand." The company said the recall involved "a limited number" of non-Touch Bar units of the MacBook Pro line, but provided no additional details about how many laptops could be impacted by the recall.

Altaba (Formerly Yahoo) Fined $35 Million For 2014 Security Breach

Altaba Inc., the company left after Verizon acquired Yahoo's internet business and content, was hit with a $35 million fine by the U.S. Securities and Exchange Commission this week for Yahoo's failure to disclose a massive 2014 security breach for two years.

The fine is the first time the SEC has gone after a company for failing to disclose a cybersecurity breach, according to stories posted by Reuters, The Wall Street Journal and other media outlets.

The security breach, believed to have been carried out by Russian hackers, resulted in the theft of data, including usernames, encrypted passwords, birth dates and more, from hundreds of millions of user accounts.

The SEC charged that Yahoo failed to adequately investigate the breach or consider disclosing it to shareholders. The $35 million fine stems from a settlement with Altaba in which the company neither admitted nor denied wrongdoing.

While $35 million is a lot of money, it should be noted that with the security breach impacting more than 500 million Yahoo subscribers, the fine works out to less than 15 cents per victim.

Western Digital Storage Device Reportedly Leaks Files

Storage system manufacturer Western Digital faced reports this week that its My Cloud EX2 storage device leaked files on local networks and, if configured for remote access, through the public Internet.

This week Trustwave, an information security service provider, released its findings that the Western Digital device leaks files to anyone on a LAN by default, no matter the permissions set by users, according to a post on Trustwave's SpiderLabs blog.

"Unfortunately the default configuration of a new My Cloud EX2 drive allows any unauthenticated local network user to grab any files from the device using HTTP requests," Trustwave said.

The security company also said that if the device is configured for remote access through the internet, the device leaks files through HTTP requests on port 9000. Trustwave said the storage device's UPnP media server, which starts automatically when the device is turned on, is the source of the leak.

Western Digital has responded by saying that only files that reside in a "share" state for which the system's DLNA (the technology that allows multimedia devices to communicate on a local network) is enabled are accessible without password protection and only on a local network, according to reports published by Threatpost and Security Affairs.

Panera Hit With Lawsuit Over Security Breach

Popular fast food chain Panera has been hit with a class-action lawsuit seeking damages from a security breach that exposed names, birthdays, emails and even credit card numbers over an eight-month period.

The security breach, exposed earlier this month by the Krebs on Security website, may have impacted data on millions of Panera customers.

The lawsuit, filed by residents of Illinois, Tennessee and Minnesota, are seeking unspecified damages because their personally identifiable information stored as part of the My Panera and Panera Rewards programs had been exposed, according to a story on the Top Class Actions website.