June 21, 2021

Electric truck start-up Lordstown doesn’t have cash to begin production.

Daily Business BriefingContents0.1 Daily Business Briefing1 C.E.O. Details How Hackers Infiltrated Colonial Pipeline Network1.0.1 Joseph…

Daily Business Briefing

June 9, 2021, 10:23 p.m. ET

June 9, 2021, 10:23 p.m. ET

Credit…David Maxwell/EPA, via Shutterstock

Lordstown Motors, an electric vehicle start-up that aimed to revive a shuttered General Motors factory in Ohio, said on Tuesday that it did not have enough cash to start commercial production of its electric pickup truck and might have to close its doors.

The company, which was once held up as a savior by former President Donald J. Trump, is now being investigated by the Securities and Exchange Commission. In a regulatory filing, Lordstown said it will not be able to begin “commercial scale production” without raising more money from investors and lenders.

Lordstown, one of about a dozen start-ups in the electric vehicle space that have gone public by merging with special purpose acquisition companies, or SPACs, added that there was “substantial doubt regarding our ability to continue as a going concern” — a legal phrase companies often use to alert investors that they might not survive. The company had $587 million in cash at the end of March, down from more than $629 million at the end of last year.

The filing will likely increase doubt about the viability of businesses that have merged with SPACs, which have been criticized by some investors and analysts for doing a shoddy job of vetting the businesses they acquire. Many of the SPAC deals in the electric vehicle space have been particularly precarious because it takes a lot of expertise, money and time to create an auto company capable of mass-producing cars and trucks.

Lordstown has been on shaky ground for months. On Friday, the company said the Nasdaq stock exchange could delist its shares because it was late in filing its quarterly report with the S.E.C. The company offered no explanation for the delay, but it may have been related to an accounting change that securities regulators issued for companies that have merged with SPACs.

Lordstown’s stock fell sharply on Tuesday, closing down more than 16 percent, to $11.22 a share. It fell a bit more in extended trading.

The S.E.C. said this year that warrants awarded in SPAC deals had to be accounted for as debt or a liability on a company’s balance sheet. A warrant grants an investor the right to buy shares at a preset price. Before the accounting change, most warrants were treated as stock and not debt.

Lordstown, in its quarterly filing, reported a net loss in the value of its warrants of about $19 million. The company also reported $82 million in cash proceeds from the exercise of warrants during the quarter.

Just last month, the company said it was on track to start production in September, although it said it would make only about 1,000 trucks by the end of the year — half as many as it had originally planned — if it was unable to raise more money.

The company said it was considering issuing new stock or borrowing money. “As we seek additional sources of financing, there can be no assurance that such financing would be available to us on favorable terms or at all,” the company’s filing said.

Lordstown also said it was reducing its spending to conserve the cash it had on hand, without saying whether it might cut jobs. Company representatives did not respond to a request for comment.

The company was founded by its chief executive, Steve Burns, who previously headed another electric vehicle business, Workhorse Group. Lordstown was created after G.M. decided in 2018 to shut down a plant that had made the Chevrolet Cruze sedan.

Mr. Trump attacked G.M. for closing the factory and demanded that the automaker sell it to someone else. G.M. sold the plant to Lordstown for just $20 million in 2019 and later lent the start-up $40 million. G.M. still owns 7.5 million shares in Lordstown.

Lordstown became a publicly traded company in October when it merged with Diamond Peak Holdings, a SPAC created by a former Goldman Sachs banker who had no experience in the auto industry. The deal was completed in just two months.

In its Tuesday filing, Lordstown revealed that it had received two subpoenas from the S.E.C. seeking documents and information, including about its deal with Diamond Peak. The company said it was cooperating with regulators.

Lordstown also said it restated a portion of its 2020 annual report after determining it had found “material weaknesses” in its financial reporting. The company said it did not have enough employees with “appropriate technical accounting skills and knowledge.”

The company said it was hiring more skilled employees. But it warned that it might not be “successful in remediating the material weaknesses.”

Ohio’s attorney general, Dave Yost, filed a lawsuit on Tuesday in pursuit of a novel effort to have Google declared a public utility and subject to government regulation.

The lawsuit, which was filed in a Delaware County, Ohio court, seeks to use a law that’s over a century old to regulate Google by applying a legal designation historically used for railroads, electricity and the telephone to the search engine.

“When you own the railroad or the electric company or the cellphone tower, you have to treat everyone the same and give everybody access,” Mr. Yost, a Republican, said in a statement. He added that Ohio was the first state to bring such a lawsuit against Google.

If Google were declared a so-called common carrier like a utility company, it would prevent the company from prioritizing its own products, services and websites in search results.

Google said it had none of the attributes of a common carrier that usually provide a standardized service for a fee using public assets, such as rights of way.

The “lawsuit would make Google Search results worse and make it harder for small businesses to connect directly with customers,” José Castañeda, a Google spokesman, said in a statement. “Ohioans simply don’t want the government to run Google like a gas or electric company. This lawsuit has no basis in fact or law and we’ll defend ourselves against it in court.”

Though the Ohio lawsuit is a stretch, there is a long history of government control of certain kinds of companies, said Andrew Schwartzman, a senior fellow at the nonprofit Benton Institute for Broadband & Society. “Think of ‘The Canterbury Tales.’ Travelers needed a place to stay and eat on long road treks, and innkeepers were not allowed to deny them accommodations or rip them off,” he said.

After a series of federal lawsuits filed against Google last year, Ohio’s lawsuit is part of a next wave of state actions aimed at regulating and curtailing the power of Big Tech. Also on Tuesday, Colorado’s legislature passed a data privacy law that would allow consumers to opt out of data collection.

On Monday, New York’s Senate passed antitrust legislation that would make it easier for plaintiffs to sue dominant platforms for abuse of power. After years of inaction in Congress with tech legislation, states are beginning to fill the regulatory vacuum.

Ohio was also one of 38 states that filed an antitrust lawsuit in December accusing Google of being a monopoly and using its dominant position in internet search to squeeze out smaller rivals.

Last year, a Pennsylvania man amassed thousands of followers on Twitter by impersonating relatives of former President Donald J. Trump. In November, he even duped Mr. Trump, who messaged the man “LOVE!” while thinking he was writing to one of his sisters.

The New York Times later identified the man as Josh Hall, a 21-year-old food-delivery driver and Trump supporter, and showed that he had used the accounts to collect thousands of dollars for a fake political group.

On Tuesday, federal authorities arrested Mr. Hall and charged him with fraud and identity theft.

Mr. Hall pretended to be members of the Trump family “to fraudulently induce hundreds of victims to donate to a political organization that did not exist, and then pocketed those funds for his own use,” Audrey Strauss, the U.S. attorney in Manhattan, said in a news release.

Credit…Josh Hall

Mr. Hall’s arrest is a rare instance of criminal charges filed against someone for creating fake accounts on social media. Facebook, Instagram, Twitter and other social networks are rife with millions of fake accounts, many of which impersonate politicians, celebrities and soldiers to scam people out of money. But few of the people behind the fakes ever face consequences.

Mr. Hall attracted the attention of the Federal Bureau of Investigation after he posed as five members of Mr. Trump’s family on Twitter, amassing more than 160,000 followers on the site. Over a year, he pretended to be, among others, Robert Trump, the president’s brother; Barron Trump, the president’s teenage son; and Dr. Deborah L. Birx, the White House’s coronavirus coordinator at the time.

He used the accounts to direct people to donate to a political group called Gay Voices for Trump. Mr. Hall later told The Times that the group didn’t exist. He brought in more than $7,300. The Justice Department said on Tuesday that Mr. Hall had kept the money.

Mr. Hall appeared in federal court in Harrisburg, Pa., on Tuesday, the Justice Department said. He could face up to 22 years in prison, the department said.

Mr. Hall could not be immediately reached on Tuesday. He told The Times last year that his fake accounts were clear parodies and that anyone should have known that, including Mr. Trump, by reading a few of their typically juvenile posts.

“There was no nefarious intention behind it,” Mr. Hall said. “I was just trying to rally up MAGA supporters and have fun,” he added, referring to the abbreviation for Mr. Trump’s slogan, “Make America Great Again.”

Video

transcript

transcript

C.E.O. Details How Hackers Infiltrated Colonial Pipeline Network

Joseph Blount, the chief executive of Colonial Pipeline, told a Senate committee on Tuesday that the company believes cybercriminals accessed its computer systems via a virtual private network that was no longer used.

Just one month ago, we were the victims of a ransomware attack by a cybercriminal group, and that attack encrypted our I.T. systems. Although the investigation is still ongoing, and we believe the attacker exploited the legacy V.P.N. profile that was not intended to be in use, DarkSide demanded a financial payment in exchange for a key to unlock the impacted systems. We had cyberdefenses in place, but the unfortunate reality is that those defenses were compromised. We reached out to federal authorities within hours of the attack, and they have continued to be true allies as we’ve worked to quickly and safely restore our operations. I made the decision to pay, and I made the decision to keep the information about the payment as confidential as possible. It was the hardest decision I’ve made in my 39 years in the energy industry. And I know how critical our pipeline is to the country. And I put the interests of the country first. I kept the information closely held because we were concerned about operational safety and security. And we wanted to stay focused on getting the pipeline back up and running. I believe with all my heart it was the right choice to make.

Video player loading
Joseph Blount, the chief executive of Colonial Pipeline, told a Senate committee on Tuesday that the company believes cybercriminals accessed its computer systems via a virtual private network that was no longer used.CreditCredit…Andrew Caballero-Reynolds/Agence France-Presse — Getty Images

The top executive of the Colonial Pipeline told a Senate committee on Tuesday that an oversight appears to have allowed hackers into its computer systems and contributed to the paralyzing of the delivery of gasoline and other fuels up and down the East Coast.

Joseph Blount, the chief executive of the pipeline company, said the company believes that the criminal hackers infiltrated Colonial’s computers through an old virtual private network, commonly known as a V.P.N., “that was not intended to be in use.” He added, “We are still trying to determine how the attackers gained the needed credentials to exploit it.”

The V.P.N., a technology often used by companies to allow staff to access internal corporate networks from home, did not require multifactor authentication, a process through which a user is granted access to a computer system or application only after successfully presenting two or more pieces of information — security experts often refer to it as “something you know and something you have.” The first piece of information is often a password; the second can be a code sent to a cellphone, for example. Multifactor authentication has become increasingly common, and even free services like Gmail and Facebook offer it and encourage people to use it.

Democratic and Republican Senators were largely sympathetic in their questioning of Mr. Blount and did not press him aggressively on the glaring vulnerability. Colonial operates a 5,500-mile pipeline network that supplies 100 million gallons of gasoline, diesel and jet fuel daily to gas stations, airports and other customers along the East Coast, supplying nearly half of the region’s transportation energy.

“We are deeply sorry for the impact that this attack had,” Mr. Blount said.

Mr. Blount said the company quickly notified the Federal Bureau of Investigation on the day of the attack and suggested the damage done to the pipeline could have been much worse had the company not paid a ransom to a criminal group called DarkSide that infiltrated its system.

The Justice Department said on Monday that it had seized more than half the ransom, which totaled more than $4 million worth of the digital currency Bitcoin.

Deputy Attorney General Lisa Monaco, center, described how the feds hacked the hackers.
Credit…Pool photo by Jonathan Ernst

The Justice Department said on Monday that it had traced and seized much of the ransom that a major U.S. pipeline operator paid to a Russian hacking collective last month. The ransomware attack shut down the Colonial Pipeline for about a week, prompting fuel shortages and price spikes, until the company paid hackers more than $4 million worth of Bitcoin. But federal officials said that a new F.B.I. task force had recaptured most of the Bitcoins by, in essence, hacking the hackers.

Bitcoin transactions are anonymous but not untraceable. The hackers moved the ransom through dozens of accounts, which can be tracked on the blockchain, the public ledger of all Bitcoin transactions. Eventually, the funds landed in an account that a federal judge allowed the F.B.I. to break into. According to court documents, officials got the account’s “private key,” a crucial password that gives the owner complete control over the funds inside.

Tom Robinson of the blockchain analytics company Elliptic, who has been tracking the ransom payments, wrote in a blog post that the account compromised by the authorities appeared to hold the 85 percent share of the ransom that went to the client of DarkSide, the Russian “ransomware as a service” hacking group whose software was behind the attack. The remaining 15 percent was funneled through accounts presumably controlled by DarkSide developers.

In a way, this could be good for cryptocurrency, the DealBook newsletter reports. A major criticism of crypto is that its anonymity and ease of use make it suitable for crime, like the ransomware attacks that, by some measures, strike every eight minutes. The Justice Department didn’t divulge how it had seized the bulk of the Colonial ransom, but its success shows that it can comb the blockchain and crack into at least some accounts. That’s good for the traceability of cryptocurrency used for crime — but also goes against the decentralized, privacy-focused, anti-establishment benefits that some see as crypto’s greatest assets. (There are other cryptocurrencies with features that make them harder to trace than Bitcoin.)

Federal officials encouraged companies to work with the F.B.I. when attacked, as Colonial did, to help recoup ransom payments, which are thought to run into the billions of dollars (and are legal and even tax-deductible).

Joseph Blount, the chief executive of Colonial, will testify Tuesday before the Senate and Wednesday before House, where more details about the attack, and the response, could be revealed.

Job openings surged in recreation, food service and other sectors that are ramping up after a year of pandemic-related restrictions.
Credit…Anjali Pinto for The New York Times

Job openings surged to record levels in April, the latest evidence that businesses are struggling to hire workers as the economy reopens.

U.S. employers had 9.3 million jobs available at the end of April, the Labor Department said Tuesday. That is the most in the two decades that records have been kept, and more than two million more than before the pandemic. Openings surged in recreation, food service and other sectors that are ramping up after a year of pandemic-related restrictions.

Hiring rose, too, but not by nearly as much, which is consistent with separate figures showing that net job growth slowed significantly in April. (Job growth picked up in May, but remains below March levels.)

Many businesses have reported in recent weeks that they would like to hire more quickly but cannot find enough workers. The data released Tuesday, the monthly Jobs and Labor Turnover Survey, provided some evidence of that shortage: There was roughly one unemployed worker for every available job in April. That is above the level before the pandemic, when there were fewer jobless workers than available jobs, but it represents a much faster rebound than after the last recession.

With plenty of jobs available, workers are feeling emboldened: Nearly four million people voluntarily quit their jobs in April, the most on record. The number was especially elevated in the leisure and hospitality sector, where many businesses have been offering signing bonuses and other incentives to lure workers.

“More than a year after horrific job losses and wage cuts, job seekers have a strong hand in the labor market again,” Nick Bunker, director of research for the hiring site Indeed, said in a statement. “Demand for workers is surging as the broader economy starts to emerge from the pandemic.”

A Boeing 737 Max plane flown by Southwest Airlines. Southwest has ordered a total of 383 of the planes through 2031.
Credit…Ted S. Warren/Associated Press

Southwest Airlines said Tuesday that it would buy more Boeing’s 737 Max jets than it had previously planned, providing an important vote of confidence for the troubled plane that was grounded by regulators for nearly two years.

The airline said in a securities filing that it had agreed to buy 34 more Max jets next year, more than doubling its previous order. That brings Southwest’s total order for those planes through 2031 to 383 planes, with options to buy hundreds more. The new jets will replace older 737’s in the Southwest’s fleet, which is made up of various Boeing 737 models. The airline said it expected to retire at least 30 to 35 older planes each year over the next decade.

The news helped to lift Boeing’s sales for May. The manufacturer reported Tuesday that it had sold a net 20 planes last month, after accounting for cancellations.

Southwest’s order comes as the pandemic recedes in the United States and demand for travel rebounds strongly.

Memorial Day weekend kicked off what airlines hope will be a monthslong travel frenzy spurred by widespread vaccinations and a drop in new infections.

Southwest said Tuesday that it expected June revenue to be down only 20 percent compared with the same month in 2019, at the low end of a previous company estimate. Fares for leisure travel in June and July are in line with 2019 and summer bookings are looking “fairly typical,” the airline said in the filing.

Boeing received several dozen cancellations but it also said that it was now hopeful about more than 70 orders that it had previously removed from its books because they seemed unlikely to be filled. The company’s order backlog now stands at more than 4,100 planes, most of which are for the 737 Max.

That plane started flying passengers late last year after a 20 month global ban following two fatal crashes. Since then, 23 airlines have restarted using the Max, flying nearly 45,000 passenger flights, Boeing said.

The British government’s main website was offline during the outage.
Credit…Leon Neal/Getty Images

Several major websites, including those of the British government, The New York Times, CNN, The Financial Times and The Guardian, were briefly inaccessible for many users on Tuesday morning.

According to Downdetector.com, which tracks internet disruptions, sites including Etsy, Hulu, PayPal, Reddit, Twitch and Twitter also reported problems.

Many of the affected sites appeared to have been restored after a little less than an hour.

The outage was connected to Fastly, a provider of cloud computing services used by scores of companies to improve the speed and reliability of their websites. Fastly later said on its website that the issue had been identified and that a fix was being made.

Fastly works on technology known as a content delivery network, which is a highly distributed network of servers used to reduce the distance between a server and user, and increase the speed at which a website loads.

The technology is thought to improve reliability because it distributes the delivery of a website to many locations, rather than depending on a central data center. Fastly did not immediately respond to a request for comment on Tuesday.

Widespread internet outages are less common today than years ago, as Google and other major tech companies develop interconnected data centers that improve performance, but there have been a number of incidents over the last year.

In December, Google services including Gmail, Maps and YouTube crashed for about an hour. The company attributed the problem to an “authentication system outage.” And in January, Slack, the popular workplace messaging platform used by millions of people worldwide, experienced a major disruption in which users could not send messages, load channels, make calls or log in to the service.

Outages like the one on Tuesday, in which many of the affected sites belonged to news outlets, often hit businesses in the same sector because they rely on the same third-party services, said Marie Vasek, a lecturer in information security at University College London.

“All of these websites really depended on this one third-party service, and the slight disruption in that caused this disproportionate effect,” Dr. Vasek said.

Madeline Carr, the director of the Research Institute for Sociotechnical Cyber Security, which focuses on the security of organizations, said that companies that provide the infrastructure for websites can be slow to provide details when they experience internal failures or are the victims of cyberattacks. That is in part because their main selling point to clients is their reliability, she said.

“There does need to be a level of accountability,” said Dr. Carr, also a professor of cybersecurity at University College London. “In the last generation of cybersecurity, it was about ensuring websites were protected or had adequate security, but when you’re talking about something like Fastly, in a sense it doesn’t matter how secure your own website is,” she said, since so many websites depend on it.

Websites for Hulu, Reddit, Twitch and The New York Times crashed for about an hour on Tuesday morning.
Credit…Mark Lennihan/Associated Press

For a company pitching itself as helping improve the reliability and speed of websites, it is hard to imagine a worse turn of events than what Fastly experienced on Tuesday.

Fastly, a cloud-computing company used by businesses around the world to operate their websites, faced an outage that caused popular websites including Reddit, Twitch, Hulu and The New York Times to suddenly crash for about an hour on Tuesday. Websites in North and South America, Europe, Asia and Africa were affected, the company said.

Fastly, based in San Francisco, provides the kind of behind-the-scenes technology that most people do not know exists, but is crucial for making the internet work. The company had been enjoying some success. Its stock skyrocketed last year, benefiting from all the people who were online amid the pandemic, the same wave that helped other tech companies like Zoom before coming back down over the past several months.

Before the system crashed on Tuesday, the stock had more than doubled since the company went public in 2019.

Fastly provides a technology known as a Content Delivery Network, or CDN, a highly distributed network used to reduce the distance between a server and a user, thus accelerating website loading speeds. Fastly says its network improves reliability because it distributes a website to many locations, rather than depending on a central data center.

Everything began going sideways for Fastly on Tuesday morning. At 5:58 a.m. Eastern time, the company posted on its website that it was investigating a problem with its services.

Customers that were experiencing outages included PayPal, The New York Times, The Financial Times and The Guardian. Even the British government’s main webpage was offline.

A spokeswoman for Fastly, whose own website was taken down, attributed the problem to a disruption to Fastly’s systems that send website content from a server to individual users.

Kentik, a network analytics company, said internet traffic volume coming from Fastly’s services fell by 75 percent.

The complexity of the internet means that short-lived outages will always exist, said Doug Madory, Kentik’s director of internet analysis. He noted that Google, Amazon and other large companies have also experienced problems that take services offline.

“There is no error-free internet, it doesn’t exist,” he said. “This is unavoidable because of the complexity.”

But investors seemed to shrug off the worldwide internet outage Fastly had caused. After slumping in premarket trading, its stock price was up about 3 percent Tuesday morning.

A Tesla showroom in Beijing. Sales of the company’s China-made cars jumped last month.
Credit…Nicolas Asfouri/Agence France-Presse — Getty Images
  • U.S. stocks edged higher on Tuesday, with the S&P 500 climbing less than 0.1 percent.

  • Most European stock indexes rose. The Stoxx Europe 600 climbed 0.1 percent as gains in technology and health care companies outweighed drops in the shares of energy companies.

  • The eurozone economy didn’t fare as badly as initially projected at the start of this year, according to a revision of first quarter gross domestic product by the European statistics agency. The region’s economy fell 0.3 percent in the first three months of the year, compared with a previous estimate of a 0.6 percent decline, data published on Tuesday showed.

  • “While the euro area experienced a technical recession around the start of 2021, this upside surprise” to the first quarter economic data “is another positive development,” analysts at Barclays wrote in a note. The improvement suggests “that the euro area could be experiencing a little less scarring than we thought originally.”

  • Japan, too, reported an improved figure for first-quarter growth. Its economy shrank at an annual rate of 1 percent from January through March from the previous quarter, the government said Tuesday, an improvement from the initial estimate of a 1.3 contraction.

  • Tesla’s sales of cars made in China jumped 29 percent in May from the month before, and now represent a third of its total sales, Reuters reported. But Tesla’s Model 3, previously the best-selling electric vehicle in the country, has been overtaken by a cheaper electric car made by the joint venture between General Motors and SAIC Motor. Tesla shares fell 0.3 percent.

  • MoviePass, the failed subscription service that promised unlimited moviegoing for $10 a month, agreed on Monday to settle Federal Trade Commission accusations that it knowingly deceived customers, making the service difficult to use, and exposed their personal data. In the process, the F.T.C. revealed the elaborate obstacles that MoviePass executives made the most active users overcome, including forcing them to reset their passwords and setting unannounced limits on their accounts. “MoviePass and its executives went to great lengths to deny consumers access to the service they paid for while also failing to secure their personal information,” Daniel Kaufman, the F.T.C.’s acting director of the Bureau of Consumer Protection, said in a statement.

Video

Cinemagraph
CreditCredit…By Timo Lenzen

Today in the On Tech newsletter, Shira Ovide writes that YouTube has figured out ways to generate enough cash to make many people in the music world happy — or at least content enough for now. If this persists, YouTube might have achieved something that few internet companies have: a relatively healthy relationship with an established industry that it simultaneously helps and disrupts.

After Black Lives Matter protests last year and an economic crisis that disproportionately sidelined women, corporate America vowed to be more inclusive. It threw its weight behind policies like child care that would foster an equitable recovery from the pandemic, promises that seemed to represent a sea change in what until recently had been an apolitical corporate landscape.

But in corporate boardrooms, little has changed. Boards have been, and continue to be, predominantly male and white, according to a new study that will be released on Tuesday.

The study, by the Alliance for Board Diversity and the consulting firm Deloitte, found that white women gained the most number of seats, increasing their presence at Fortune 100 companies by 15 percent and at Fortune 500 companies by 21 percent. But, in total, they still represent just about a fifth of all board seats. And minority women — which includes Black, Hispanic and Asian women — represent the smallest slice of boardrooms at both Fortune 100 (around 7 percent) and Fortune 500 (around 6 percent) companies. More than half of directors newly appointed to board seats last year were white men.

Credit…By The New York Times | Sources: Deloitte, Alliance for Board Diversity

The report, however, analyzed data only through last June. More recent data from the research firm Institutional Shareholder Services found that since last July, the number of Black directors on boards of S&P 500 companies surged by nearly 200 percent, representing 32 percent of all newly appointed directors, up from 11 percent in 2019. Almost half of them were new to publicly traded company board services.

That report, which didn’t break down the data by gender, attributed the shift to “the widespread racial justice protests last summer.”

Even before the protests, there was growing pressure for boardroom diversity from institutions like Goldman Sachs, BlackRock and Nasdaq, driven in large part by a growing body of evidence showing that diverse leadership correlates with better business performance. And as a result of 2018 legislation in California, almost all of the more than 600 public companies based there now have at least one female board member, according to researchers at Clemson University and the University of Arizona.

Substantial change, though, will still take time, experts said. A typical tenure of a board director is eight years, and adding more seats can be costly, with director pay often reaching hundreds of thousands of dollars.

The report from the Alliance for Board Diversity and Deloitte noted that, at the current rate of change, it would take decades for boardrooms to reach representation proportional to the demographics of the American population. Women of color, for example, make up 20 percent of the U.S. population, but it would take until 2046 for them to make up 20 percent of Fortune 100 board seats.

“The fact remains,” the authors of the report write, “progress has been painfully slow.”