Digital4nx Group, Ltd.

You are here: Home / Case Studies / The Threat From Within – Theft of IP

The Threat From Within – Theft of IP

by

* All names and identities are fictitious and have been changed.

Zach grew up in the family business. After college, he began working for the company, and during his eighteen-year employment at MedSoftCo, Zack worked hand in hand with the Company’s development team in developing and enhancing MedSoftCo’s scheduling software application and had direct access to the source code underlying the software.  In early 2021, Zack was promoted to the role of Director of Product Management, a senior level position, which included a minority equity position in the business.

In his new role, Zack had access to numerous high-level and key company documents, data, and databases, including the MedSoftCo GitHub repository containing the highly confidential source code for its scheduling software. Zack was no longer responsible for coding and thus had no reason to work on source code.  In fact, the Company expressly instructed Zack to discontinue working on the source code.

Zack’s new job responsibilities include:

  1. Driving MedSoftCo technology, new products and offerings, pricing strategies, and technology roadmap to ensure Plaintiff’s competitive advantage in the market;
  2. Working as the face of the MedSoftCo platform for both internal and external stakeholders;
  3. Managing both strategic and tactical activities for MedSoftCo’s technology;
  4. High-level interaction with MedSoftCo users including focus groups, one-on-one conversations, user groups, among other methods;
  5. Management of all market and technical problems, requirements, and system requirements;
  6. Organizing and leading user testing programs for MedSoftCo technology, including internal alpha and external beta programs; and
  7. Working closely with the MedSoftCo corporate team to establish technology budgets, activities, and investments.

Zack resigned from MedSoftCo on February 12, 2022, and he was going to work for a competitor.

MedSoftCo contacted their attorney who retained Digital4nx Group.  Digital4nx began an early case assessment — (“ECA”) of his company-owned devices and quickly learned of his unauthorized activities.

The results of the ECA revealed:

  • As early as April 2021, Zack began installing software to download the MedSoftCo scheduling software source code to his own computer against company policy.
  • Zack accessed the MedSoftCo GitHub repository to download approximately fifty thousand (50,000) files containing MedSoftCo source code onto his OneDrive cloud system and his computer’s local C Drive.
  • The ECA also revealed that less than a month prior to his resignation (January 2022), he began the interview process with CompetiSoftCo
  • Zach’s conduct of downloading the source code continued on the same days he gave verbal and written notice of his resignation, 2/12/22, 2/14/22, and 2/24/22. NOTE: The majority of the file downloads occurred during non-working hours on weekends.
  • The ECA’s internet searches revealed that after Zach gave notice of his resignation, two key indicators of his intentions to misappropriate source code became apparent.
    • First, Zack reviewed a software article entitled “Who Owns the Code?” which explains the issues associated with the efforts of source code programmers to reuse code they had developed after moving to a new employer.
    • Second, Zack conducted a search to determine how to create remote work access for a separate (non-MedSoftCo) computer, enabling him to log in to that computer and remotely access MedSoftCo systems. (Links from Zack’s Google Chrome Browser).
  • Zack also used his MedSoftCo issued work phone to communicate with CompetiSoftCo and to schedule his Zoom interviews with CompetiSoftCo’s reps.
  • The calendar entries obtained from Zack’s work phone reflect that from January 20, 2022 through February 8, 2022—the very time period during which Zack was downloading the source code — Zack engaged in multiple Zoom calls with CompetiSoftCo senior management, including its CEO.
  • After his CompetiSoftCo offer was emailed to his personal Gmail address on February 8, 2022, Zack texted a coworker, boasting about his decision to leave MedSoftCo: “I’m gonna give them 6 weeks notice and moonlighting after.”
  • On February 13, Zach used a series of external USB devices—used to store and transfer data from one device to another (i.e., computer to computer transfer of files)—to connect to his devices, which were not disclosed or returned to MedSoftCo when his employment ended.
  • In addition to Zack having access to numerous external devices, he backed up to platforms including a Google Gmail address, an additional phone, Dropbox, and a Google Drive account linked to his MedSoftCo Devices.

A complaint was filed against Zach and CompetiSoftCo with a panoply of federal and New Jersey laws, including without limitation the Federal Defend Trade Secrets Act, codified at 18 U.S. Code § 1836, and the Computer Fraud and Abuse Act, codified at 18 U.S.C. § 1030), as well as a violation of the Non-Disclosure and Non-Competition Agreement (“NDA”). 

To date, CompetiSoftCo has agreed that it never expressed to Zach to steal any source code.  CompetiSoftCo has also agreed to cooperate in the investigation to determine if any MedSoftCo exists on their network.

The investigation is still ongoing.

### END ###

Disclaimer: The information contained in this case study is educational only. This is not intended to fully cover everything related to the investigation or constitute expert advice, legal advice or otherwise. You should always seek the advice and counsel of an attorney while proceeding with these matters. Results may vary as each case is unique and the types of artifacts may not exist depending on many variables. Contact us for a confidential initial consultation.

© Copyright 2022, Digital4nx Group, Ltd. All Rights Reserved.