5 Companies That Had A Rough Week

The Week Ending Sept. 22

Topping this week's roundup of those having a rough week is the U.S. Securities and Exchange Commission, which was dealing this week with the fallout from a hack of the agency's EDGAR database.

Also making the list this week are Apple, for cellular connectivity problems with the new Apple Watch Series 3; HPE employees, who are bracing for job cuts; Avast, whose CCleaner software was compromised and used to distribute malware; and IBM and the Canadian government, who are dealing with criticism over a problematic and expensive IT contract.

Not everyone in the IT industry was having a rough go of it this week. For a rundown of companies that made smart decisions, executed savvy strategic moves – or just had good luck – check out this week's Five Companies That Came To Win roundup.

SEC Reveals Data Breach Caused By Application Vulnerability

The U.S. Securities and Exchange Commission admitted this week that hackers took advantage of a vulnerability in the agency's EDGAR system that stores and provides public access to financial regulatory documents filed by businesses.

The data breach, which the SEC said occurred last year, was made possible through a vulnerability in the test filing component of the EDGAR system.

The SEC said the attackers might have gained access to "nonpublic information" and used that information for "illicit gain through trading."

Apple Admits Its New Smartwatch Has Cellular Connectivity Problems

Apple is slated to begin shipping its new Apple Watch Series 3 today, but it appears the device has a big problem.

Apple has touted the watch's cellular LTE connectivity as a key new feature of the product. But product reviewers have been reporting that the watch's connectivity to cellular networks is spotty, and the device often tries to connect to unauthenticated Wi-Fi networks instead.

This week Apple acknowledged the problem and said it is developing a fix for a future software release, according to a story on Time.com. But with the product scheduled to go on sale today, the glitch is likely to give pause to some potential buyers.

HPE Employees, Executives Brace For Layoffs Of Up To 5,000 Workers

Employees at Hewlett Packard Enterprise were undoubtedly on edge this week as the company began notifying workers and executives of job cuts as part of the HPE Next restructuring initiative.

Reports say HPE is planning to cut 5,000 jobs or about 10 percent of its total workforce.

In a note to employees Friday, HPE CEO Meg Whitman said the media reports speculating about employee reductions did not come from information released by the company.

"As you know, we have been aggressively moving forward with our HPE Next program, which is focused on positioning the company for the future. And, I can assure you that our employees are the heart of that strategy. We are looking at a variety of options as we think about the cost structure of the company, and they include both reductions and investments," Whitman said in the memo.

The HPE Next initiative is aimed at simplifying the company's structure with expected annual savings expected in the range of $200 million to $300 million. This week the company also announced new management teams within the 11 geographies where HPE operates.

Hack Of Avast's CCleaner Application Illustrate's Growing Challenge Of Supply Chain Attacks

The SEC wasn't the only one dealing with a security failure this week. Researchers said that CCleaner, an application distributed by security company Avast for performing routine maintenance on IT systems, was compromised and used by hackers to distribute malware.

Researchers at Cisco Talos, who discovered the hack, said in a blog post that the attack used downloaded server software to distribute a multistage malware payload alongside the CCleaner installations.

The affected version of CCleaner, release 5.33, was replaced with a new version on Sept. 11. Avast executives told CRN that they don't believe any harm was done to CCleaner users and disputed Cisco Talos' claims about the extent of the hack's impact.

IBM, Canadian Government Hit For Problem-Plagued Payroll System Project

The cost of a failure-plagued IT contract awarded to IBM Canada to develop and implement a payroll system for the Canadian federal government ballooned to $185 million through contract amendments, according to a CBC story this week.

The cost of the Phoenix project, begun in 2011, started at $5.7 million and had continued to grow despite the fact that the system has failed to work properly since it launched in February 2016, according to the story.

The CBC obtained a copy of the 1,700-page contract before publishing its story this week. While the story is certainly bad publicity for IBM, it also takes Canadian officials to task for failing to adequately oversee the project.