5 Companies That Had A Rough Week

The Week Ending Nov. 10

Topping this week's roundup of those having a rough week is AT&T, whose bid to acquire Time Warner is reportedly facing new regulatory hurdles.

Also making the list this week are Verizon's Yahoo operation, whose former CEO admitted the company still isn't quite sure how hackers accessed the company's 3 billion customer accounts; Datto, which scrambled to fix two vulnerabilities in its data protection agents; Logitech, which faced customer anger over plans to shut down a smart home device; and Brother, whose printers were the subject of a vulnerability report this week.

Not everyone in the IT industry was having a rough go of it this week. For a rundown of companies that made smart decisions, executed savvy strategic moves – or just had good luck – check out this week's 5 Companies That Came To Win roundup.

AT&T Acquisition Of Time Warner Facing More Hurdles, Possible Delays

AT&T's deal to acquire Time Warner for $85.4 billion is facing more headwinds with reports this week that U.S. regulators are demanding that AT&T sell off Time Warner's cable channels – including CNN – or divest its DirecTV division in order to win government approval.

While AT&T had hoped to complete the acquisition by the end of this year, CFO John Stephens said the timing of the closing of the deal is now uncertain because of ongoing discussions with the U.S. Department of Justice, according to ABC News.

Reports published Wednesday by Reuters and The New York Times both said the DOJ is pushing AT&T to sell either Turner Broadcasting or AT&T's DirecTV satellite television unit to satisfy antitrust concerns about the proposed acquisition.

CNBC later Wednesday quoted AT&T CEO Randall Stephenson as saying he had no intention of selling CNN.

Yahoo Still Unsure How 3 Billion Accounts Were Hacked

It was a tough week for former Yahoo CEO Marissa Mayer (pictured) who was grilled by U.S. senators this week about the 2013 security breach that exposed 3 billion Yahoo accounts – and admitted that Yahoo is still in the dark about exactly how the hack was pulled off.

While Yahoo initially said that some 1 billion accounts were exposed in the breach, Yahoo, which is now owned by Verizon, revealed last month that all 3 billion Yahoo accounts were affected by the breach.

"We worked hard over the years to earn our users' trust. As CEO, these thefts occurred during my tenure, and I want to sincerely apologize to each and every one of our users," Mayer said in her testimony to the Senate Committee on Commerce, Science and Transportation, according to published reports by CNBC and other media.

Mayer blamed "criminal state-sponsored attacks" for the breach and four individuals, including two Russian intelligence agents, have been indicted in connection with the attack. But, shockingly, Mayer said that Yahoo still isn't sure how the attack was carried out.

"To this day we have not been able to identify the intrusion that led to this theft," Mayer said. "We don't exactly understand how the act was perpetrated. That certainly led to some of the areas where we had gaps of information."

Datto Scrambles To Fix System Vulnerabilities, Spars With Continuum Over Disclosures

Datto, the IT business management and continuity services provider, hustled this week to address two security vulnerabilities in the vendor's data protection agents. That's problem enough, but Datto also found itself in a spat with rival Continuum over disclosure of the vulnerabilities.

Datto said the vulnerabilities in its system could allow a rogue user to either pair with an agent or bypass agent command execution restrictions. Datto CTO Robert Gibbons detailed the problems in a five-page letter published Monday. There are no reports of client devices or cloud backup systems being compromised because of the bugs.

One of the bugs, a Datto Windows Agent, has already been addressed with new software and the company is working on an agent software update to address the other vulnerability.

Datto rival Continuum Managed Services, however, reported the vulnerabilities to Datto back on Oct. 25 and the company was working on a security update for its clients. That's because some Continuum partners still use Vault backup and recovery software from Datto that Continuum sold until 2015.

Datto objected to Continuum's disclosure plans, saying it wanted to get word of the problems out first and that public disclosure of the unpatched bugs would make customers more vulnerable to attack. Continuum's CEO said his company was "acutely aware of the risks involved" in going public about the vulnerabilities and that it only intended to alert its affected partners.

Logitech Hit With Consumer Backlash On Plans To 'Brick' Its Harmony Device

Logitech had to quickly backpedal and make amends with its customers this week when the electronic peripherals and device maker was hit by a customer backlash when word got out about the company's plans to shut off or "brick" its Harmony Link devices.

Harmony Link is a smart home device used to control entertainment systems through a smartphone application. The product has been out since 2011, but has since been replaced by the Harmony Hub.

Logitech informed customers that it would shut down all services for the Harmony Link on March 16, 2018. The blowback from customers on Reddit and other forums this week was swift, with some vowing to stop buying Logitech products, according to a report on The Verge.

Thursday the company quickly backtracked and offered a free upgrade to Harmony Hub for all Harmony Link owners. The company previously offered free upgrades only to Harmony Link owners still under warranty while all others were only offered a 35 percent discount on the new product.

"I made a mistake. It was an honest mistake," Rory Dooley, head of Logitech Harmony, was quoted in a story on the Wired website. "Mea culpa. We're going to do right by our customers and do the right thing."

Brother Printers Open To Denial-Of-Service Attacks

Threatpost reported this week that some networked consumer and business printers manufactured by Brother contain an unpatched vulnerability that remote attackers can use to cause a denial-of-service condition on the device.

Researchers at Trustwave's SpiderLabs disclosed the vulnerability this week after what Threatpost described as "numerous fruitless attempts" by Trustwave to contact Brother about the problem.

The vulnerability affects all Brother printers with the Debut embedded webserver, according to Trustwave, and can be exploited with a single malformed request to the printer. Trustwave said there are nearly 15,000 affected devices online.