DuPont Employee Walked Away With $400 Million In Trade Secrets - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
News

DuPont Employee Walked Away With $400 Million In Trade Secrets

Company scientist downloaded 22,000 sensitive documents and accessed 16,000 others as he got ready to take a job with a competitor

The U.S. Attorney's office in Delaware last week revealed a massive insider data breach at DuPont in which a scientist stole $400 million worth of trade secrets from the chemical company and now faces up to 10 years in prison, a fine of $250,000, and restitution when sentenced in March.

Gary Min, who also goes by the name Yonggang Min, pleaded guilty to stealing from DuPont late last year. He worked as a research chemist at the company for 10 years before signing an employment agreement with Victrex in October 2005 to start working for the DuPont competitor the following January. At DuPont, Min conducted research on high-performance polymer films. Victrex manufactures Peek, a polymer compound that competes with DuPont's Vespel and Kapton.

Min didn't tell DuPont he was leaving until Dec. 12, two months after signing the employment contract with Victrex. From August to Dec. 12, he accessed an unusually high volume of abstracts and PDF documents off of DuPont's electronic data library, prosecutors said. The EDL server, located at DuPont's experimental station in Wilmington, Del., is one of DuPont's primary databases for storing confidential and proprietary information. Min downloaded about 22,000 abstracts and accessed about 16,706 documents--15 times the number of abstracts and reports accessed by the next-highest user during that period.

It's unclear whether Min's frequent access to the database tipped off an automatic alert to DuPont officials or whether his behavior was discovered by studying database access logs. When DuPont discovered Min's EDL usage sometime after he gave notice, it contacted the FBI in Wilmington, which launched a joint investigation with the U.S. Attorney's Office and the Commerce Department.

Min began working at Victrex as planned on Jan. 1, 2006; around Feb. 2, he uploaded about 180 DuPont documents--including some containing confidential, trade-secret information--to his Victrex-assigned laptop computer. The following day, DuPont officials told Victrex officials in London about Min's activities. Victrex seized Min's laptop on Feb. 8 and turned it over to the FBI.

Ten Signs An Employee Is About To Go Bad
1. Frequent absences from work
2. Changes in temperament
3. Unusual behavior
4. Frequent efforts to access unauthorized systems
5. Changes in computer behavior or configuration
6. Receives a bad performance review
7. Exhibits signs of financial distress
8. Office romance goes south
9. Is terminated
10. Voluntarily resigns
Read the full story at DarkReading.com
When FBI and Commerce agents searched Min's home in Ohio the following week, they found several computers with DuPont documents marked "confidential." A software erasure program was in the process of erasing an external disk drive on one of the computers when the agents arrived, prosecutors said. They also found garbage bags filled with shredded DuPont technical documents, as well as remnants of DuPont documents burned in the fireplace.

Investigators said there was no evidence that Min had turned stolen information over to anyone at Victrex, DuPont senior VP and general counsel Stacey Mobley said in a statement.

Min's case isn't unique. Three-quarters of 40 thefts of proprietary and confidential information from 1996 to 2002 examined by Carnegie Mellon's CERT program in a study last July were committed by current employees, says Dawn Cappelli, a senior member of CERT's technical staff. Of those employees, 45% had already accepted a job offer with another company. "In between the time they have an offer and the time they leave is when they take the information," she says.

The majority of Min's EDL searches targeted DuPont's major technologies and product lines, as well as new and emerging technologies in R&D that were unrelated to his research responsibilities, prosecutors said. These were all signs that could have signaled a problem. And they're signs companies should be actively watching for, given the amount of damage that can be done quickly once an employee decides to go over to the dark side.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
State of the Cloud
State of the Cloud
Cloud has drastically changed how IT organizations consume and deploy services in the digital age. This research report will delve into public, private and hybrid cloud adoption trends, with a special focus on infrastructure as a service and its role in the enterprise. Find out the challenges organizations are experiencing, and the technologies and strategies they are using to manage and mitigate those challenges today.
Commentary
Enterprise Guide to Digital Transformation
Cathleen Gagne, Managing Editor, InformationWeek,  8/13/2019
Slideshows
IT Careers: How to Get a Job as a Site Reliability Engineer
Cynthia Harvey, Freelance Journalist, InformationWeek,  7/31/2019
Commentary
AI Ethics Guidelines Every CIO Should Read
Guest Commentary, Guest Commentary,  8/7/2019
Register for InformationWeek Newsletters
Video
Current Issue
Data Science and AI in the Fast Lane
This IT Trend Report will help you gain insight into how quickly and dramatically data science is influencing how enterprises are managed and where they will derive business success. Read the report today!
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll