A former Intel employee has been accused of stealing thousands of sensitive files after being let go during mass layoffs earlier this year.
Thousands of staff were caught up in layoffs after Lip Bu-Tan took over the reins at the struggling chipmaker in March, and Jingeng Luo was among those affected.
After working for Intel since 2014 and receiving notice in July, Luo is accused of using his last few weeks in the office to download thousands of files, including sensitive documents, sparking a lawsuit from Intel seeking damages of $250,000.
The incident highlights the potential risk of insider threats — of particular relevance as the tech industry undergoes plenty of layoffs.
Earlier this year, a 55-year-old was convicted of causing intentional damage to protected computers for a campaign of internal sabotage at his employer, power management company Eaton Corp, after he saw a reduction in his responsibilities at work.
Davis Lu reportedly created "infinite loops" that prevented users from logging into their accounts, wreaking havoc for colleagues.
And last year, a disgruntled IT worker was arrested after targeting a former employee with an extortion campaign that included changing admin passwords and shutting down servers if $750,000 in bitcoin wasn't paid.
What happened?
Luo was told he was being laid off on 7 July, with his contract ending 31 July. A few weeks after being informed, Luo is accused of attempting to download a file from his Intel-provided laptop to an external hard drive, but Intel's internal controls blocked the transfer.
That didn't raise any red flags on the system, however, so he had a second go, according to a court document filed by Intel.
Five days later, according to the allegations, he tried again, using a NAS device — and this time it worked. Over the next four days, Luo downloaded and transferred nearly 18,000 documents, including files marked as "top secret".
Intel said the data transfer was detected internally and sparked an investigation.
Intel said in the court filing that Luo held an engineering position with access to a wide range of confidential information, including data classified as "top secret" and worked on projects that Intel "zealously protected from external disclosure."
$250,000 complaint
Intel said it attempted to contact Luo multiple times over several months to return the files, but the former staffer isn't responding to emails, letters or phone calls, so it filed suit.
The chipmaker said that Luo has “refused to even engage with Intel, let alone return the files, provide the NAS device for examination, or otherwise cooperate with Intel's investigation."
The company is claiming damages of at least $250,000. Luo is believed to be based in Washington state or Oregon, and has not yet publicly responded to the allegations.
Intel noted that Luo signed an agreement to hold such data in strict confidence, and return all data at the end of his employment. Generally, Intel has policies which ban external devices from being connected to company computers or networks.
"Luo’s continued silence demonstrates that he has no intention of cooperating with Intel in any capacity despite his contractual obligation to do so," Intel's court filing noted.
Make sure to follow ITPro on Google News to keep tabs on all our latest news, analysis, and reviews.
MORE FROM ITPRO
- Nvidia’s Intel investment just gave it the perfect inroad to lucrative new markets
- The US government's Intel deal explained
- Intel to axe 24,000 roles, cancel factory plans in sweeping cost-cutting move
-
Pure Storage’s expanded partner ecosystem helps fuel Q3 growthNews The data storage vendor has announced a 16% year-over-year revenue hike in its latest earnings report, driven by continued channel and product investment
-
Partners have been ‘critical from day one’ at AWS, and the company’s agentic AI drive means they’re more important than everNews The hyperscaler is leaning on its extensive ties with channel partners and systems integrators to drive AI adoption
-
The Scattered Lapsus$ Hunters group is targeting Zendesk customers – here’s what you need to knowNews The group appears to be infecting support and help-desk personnel with remote access trojans and other forms of malware
-
Impact of Asahi cyber attack laid bare as company confirms 1.5 million customers exposedNews No ransom has been paid, said president and group CEO Atsushi Katsuki, and the company is restoring its systems
-
If you're not taking insider threats seriously, then the CrowdStrike incident should be a big wake up callNews CrowdStrike has admitted an insider took screenshots of systems and shared them with hackers, and experts say it should serve as a wake up call for enterprises globally.
-
Shai-Hulud malware is back with a vengeance and has hit more than 19,000 GitHub repositories so far — here's what developers need to knowNews The malware has compromised more than 700 widely-used npm packages, and is spreading fast
-
Security experts claim the CVE Program isn’t up to scratch anymore — inaccurate scores and lengthy delays mean the system needs updatedNews CVE data is vital in combating emerging threats, yet inaccurate ratings and lengthy wait times are placing enterprises at risk
-
The US, UK, and Australia just imposed sanctions on a Russian cyber crime group – 'we are exposing their dark networks and going after those responsible'News Media Land offers 'bulletproof' hosting services used for ransomware and DDoS attacks around the world
-
Thousands of ASUS routers are being hijacked in a state-sponsored cyber espionage campaignNews Researchers believe that Operation WrtHug is being carried out by Chinese state-sponsored hackers
-
IBM AIX users urged to patch immediately as researchers sound alarm on critical flawsNews Network administrators should patch the four IBM AIX flaws as soon as possible
