We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

SunPower lawsuit highlights insider threat

Solar panel manufacturer is newest victim of old problem

A lawsuit filed in federal court in California offers another reminder of how malicious insiders pose an often-underestimated threat to corporate data and intellectual property.

SunPower Corp., a publicly traded San Jose manufacturer of solar panels, has sued five of its former employees for stealing proprietary information from the company and using it to benefit a rival firm.

The five are accused of connecting personal USB storage devices to SunPower systems and stealing the data around the time they were leaving the company last year. SunPower did not notice the theft until December, when one of the former employees was caught attempting to use his email account, one month after he had left the company.

The lawsuit was filed in U.S. District Court for the Northern District of California.

Also named in the lawsuit for knowingly accepting the stolen data is SolarCity, the rival firm that now employs the five former SunPower employees.

In its complaint, SunPower alleged that a former managing director of SunPower's east coast operations and four other relatively senior employees stole tens of thousands of files from company servers and from its Salesforce.com database.

According to SunPower, the files included quotes, deals, proposals, contracts, market analyses and business analysis data. The employees are also alleged to have stolen customer contact information and information on previously sold products, and potential new clients.

The stolen information included data on customers who had accounted for some $100 million in sales for SunPower in 2011. SolarCity did not immediately respond to a request for comment.

Such insider theft is not uncommon. Over the past few years, there have been numerous cases where insiders with privileged access to corporate networks and systems have misused that access to steal data.

According to research released by Symantec in December, the majority of IP theft is committed by male employees who average about 37 years old and are most often serving in technical positions such as engineers, scientists, programmers and managers.

In about 65% of the cases, employees who commit such theft have already secured a new job with a competing company while about 20% are recruited by an outsider looking to steal specific data. More than half steal data within a month of leaving their old job.

In more than half the cases, the data stolen involves business information such as billing data, customer data, price lists and business plans the malicious insider is authorized to access.

Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed . His e-mail address is [email protected] .

Read more about drm and legal issues in Computerworld's DRM and Legal Issues Topic Center.

IDG UK Sites

Windows 10 release date, price, features UK: Staggered release with PCs coming first this summer -...

IDG UK Sites

In defence of BlackBerrys

IDG UK Sites

How to get a job in design

IDG UK Sites

MacBook Pro 15in preview: better battery life, faster storage and a new discrete graphics chip may...