Australian billionaire slams Elon Musk’s return to work order right as his $48 billion firm discloses a huge security flaw
Australian tech billionaire Scott Farquhar started a war of words with Tesla CEO Elon Musk over the latter’s return-to-work policies. But a Twitter feud with Musk might need to wait, as Farquhar’s $48 billion software company is dealing with a serious hacker problem.
Musk, the world’s richest man, made waves earlier this week when a leaked email he sent to Tesla employees on Tuesday revealed how the CEO really feels about working from home.
“Remote work is no longer acceptable,” the subject of the email read, as Musk announced that white-collar Tesla employees who do not report to the office at least 40 hours a week can start looking for a new job.
Some tech companies, such as Farquhar’s Atlassian, appear to have taken that literally.
In a Twitter thread on June 1, Farquhar likened Musk’s proclamation to “something out of the 1950s,” and highlighted Atlassian’s move to fully embrace working from home as a “key for our continued growth.” He ended the thread with a link to Atlassian’s career page, inviting disgruntled Tesla employees to apply.
It wasn’t long before Musk responded to Farquhar’s provocation with a jab of his own: “The above set of tweets illustrate why recessions serve a vital economic cleansing function,” he replied.
Musk has a history of criticizing other billionaires on Twitter—having previously done so with Bill Gates and Jeff Bezos. But he didn’t even mention the current controversy surrounding Atlassian’s security protocols.
Atlassian, which was founded in 2002 and now competes directly with established developers including Microsoft and IBM, scaled new heights during the pandemic, briefly hitting a $100 billion market cap last year. Now valued around $48 billion, it recently issued an advisory warning on June 2 about a “critical severity” security flaw in its products, having detected multiple instances of “current active exploitation” by external parties.
The bug is affecting Atlassian Data Center and Server, a collaborative “groupwork” software commonly marketed to businesses, and one of the company’s best-selling products. Confluence has been designed to enable and facilitate remote working, with its homepage on the Atlassian website emphasizing it as a “remote-friendly team workspace.”
The company released a fix at 10 a.m. on Friday, less than 24 hours after the advisory as posted. But the recently-discovered bug impacts older versions of Confluence dating back to 2013, according to tech news outlet The Register.
Atlassian has urged users not to expose their Confluence software to the internet until a patch is released.
It isn’t the first time that weaknesses in Atlassian’s Confluence server have been considered vulnerable to hackers. Last year, the Australian Cyber Security Center issued an alert to Confluence users warning of a “serious vulnerability” in the product’s privacy protocols that could allow attackers to access the server and execute code remotely without authorization or authentication.
Confluence’s security issues exemplify one of the persistent problems associated with companies allowing employees to work from home indefinitely: cybersecurity concerns. It has been a headache for CEOs throughout the pandemic, and for executives like Musk—who reportedly has a habit of destroying his phone once a year out of security concerns—security issues with essential remote-work products like Confluence are just another reason to ask employees to return to the office.
That’s not out of the 1950s.
June 3, 2022: This article was updated to reflect that the bug affected Atlassian Data Center and Server, and what time the company announced they fixed the bug.
This story was originally featured on Fortune.com
