DuPont Employee Walked Away With $400 Million In Trade Secrets
Company scientist downloaded 22,000 sensitive documents and accessed 16,000 others as he got ready to take a job with a competitor
The U.S. Attorney's office in Delaware last week revealed a massive insider data breach at DuPont in which a scientist stole $400 million worth of trade secrets from the chemical company and now faces up to 10 years in prison, a fine of $250,000, and restitution when sentenced in March.
Gary Min, who also goes by the name Yonggang Min, pleaded guilty to stealing from DuPont late last year. He worked as a research chemist at the company for 10 years before signing an employment agreement with Victrex in October 2005 to start working for the DuPont competitor the following January. At DuPont, Min conducted research on high-performance polymer films. Victrex manufactures Peek, a polymer compound that competes with DuPont's Vespel and Kapton.
Min didn't tell DuPont he was leaving until Dec. 12, two months after signing the employment contract with Victrex. From August to Dec. 12, he accessed an unusually high volume of abstracts and PDF documents off of DuPont's electronic data library, prosecutors said. The EDL server, located at DuPont's experimental station in Wilmington, Del., is one of DuPont's primary databases for storing confidential and proprietary information. Min downloaded about 22,000 abstracts and accessed about 16,706 documents--15 times the number of abstracts and reports accessed by the next-highest user during that period.
It's unclear whether Min's frequent access to the database tipped off an automatic alert to DuPont officials or whether his behavior was discovered by studying database access logs. When DuPont discovered Min's EDL usage sometime after he gave notice, it contacted the FBI in Wilmington, which launched a joint investigation with the U.S. Attorney's Office and the Commerce Department.
Min began working at Victrex as planned on Jan. 1, 2006; around Feb. 2, he uploaded about 180 DuPont documents--including some containing confidential, trade-secret information--to his Victrex-assigned laptop computer. The following day, DuPont officials told Victrex officials in London about Min's activities. Victrex seized Min's laptop on Feb. 8 and turned it over to the FBI.
Ten Signs An Employee Is About To Go Bad
1. Frequent absences from work
2. Changes in temperament
3. Unusual behavior
4. Frequent efforts to access unauthorized systems
When FBI and Commerce agents searched Min's home in Ohio the following week, they found several computers with DuPont documents marked "confidential." A software erasure program was in the process of erasing an external disk drive on one of the computers when the agents arrived, prosecutors said. They also found garbage bags filled with shredded DuPont technical documents, as well as remnants of DuPont documents burned in the fireplace.
Investigators said there was no evidence that Min had turned stolen information over to anyone at Victrex, DuPont senior VP and general counsel Stacey Mobley said in a statement.
Min's case isn't unique. Three-quarters of 40 thefts of proprietary and confidential information from 1996 to 2002 examined by Carnegie Mellon's CERT program in a study last July were committed by current employees, says Dawn Cappelli, a senior member of CERT's technical staff. Of those employees, 45% had already accepted a job offer with another company. "In between the time they have an offer and the time they leave is when they take the information," she says.
The majority of Min's EDL searches targeted DuPont's major technologies and product lines, as well as new and emerging technologies in R&D that were unrelated to his research responsibilities, prosecutors said. These were all signs that could have signaled a problem. And they're signs companies should be actively watching for, given the amount of damage that can be done quickly once an employee decides to go over to the dark side.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.