SAP Finds Cybersecurity Shortfalls With SuccessFactors, Concur
(Bloomberg) -- SAP SE, Europe’s largest software maker, said several of its cloud-computing products do not meet the company’s cybersecurity standards.
The vulnerabilities affect 9% of SAP’s 440,000 customers, the Walldorf, Germany-based company said Monday in a statement. It plans to fix the problems in the second quarter to meet contractually agreed or statutory security standards. There are no known breaches or security incidents that have resulted from the shortcomings, which affect products from companies that SAP acquired, including SuccessFactors Inc., Concur Technologies Inc. and Callidus Software Inc.
The software giant found similar issues with its C4C/Sales Cloud, Cloud Platform and Analytics Cloud products. The cost of improving the applications is expected to be covered within the range of SAP’s 2020 forecast, according to the company.
SAP’s U.S. depository receipts fell 1.4% in extended trading after earlier closing at $117.19 in New York.
For more than a decade, SAP has spent lavishly on cloud-computing companies to help the 48-year-old business keep up with younger firms delivering software over the internet. The company paid more than $3 billion for SuccessFactors in 2012, upwards of $7 billion for Concur in 2014 and more than $2 billion for Callidus in 2018. When absorbing those companies, SAP inherited their infrastructure, and has faced difficulty transitioning some subsidiaries away from using programs from its chief rival Oracle Corp.
©2020 Bloomberg L.P.