The Industry’s Only SaaS-Delivered Enterprise DLP

Our unique approach to DLP allows for quick deployment and on-demand scalability, while providing full data visibility and no-compromise protection.

No-Compromise Data Protection is:

  • Cloud-Delivered
  • Cross Platform
  • Flexible Controls
DATAINSIDER

Digital Guardian's Blog

CEO, COO Indicted in Biotech IP Theft Case’s Latest Turn

by Chris Brook on Thursday July 8, 2021

Contact Us
Free Demo
Chat

Two executives reportedly used stolen intellectual property to build their company up to a nearly $1 billion valuation, the DOJ announced this week.

The US government charged a former Chief Executive Officer and former Chief Operating Officer this week after they reportedly worked together to steal thousands of confidential and proprietary files from another company to give their own organization, a competitor, a leg up in the market. 

Using the stolen data, the company, Taiwan’s JHL Biotech Inc., reached a valuation of nearly $1 billion - in the startup world, commonly known as a unicorn – but that status was built on a "foundation of lies," according to US Attorney Stephanie Hinds, this week.

In charges unsealed on Wednesday in San Francisco, the Department of Justice said that two members of JHL’s executive team, Racho Jordanov, the former CEO, and Rose Lin, the former COO, carried out a scheme to steal confidential data from Genentech, the multi-billion-dollar biotech firm and used that information to defraud JHL’s investors and strategic partners.

“The indictment alleges defendants used confidential documents and trade secrets stolen from Genentech to build a competitor and enrich themselves,” Hinds said, “This kind of complex intellectual property theft and fraud not only harms victims, it threatens the intellectual property of an industry with strategic importance to the United States.”

The case has been working its way through the court system for a bit. The indictment, which was first filed in 2018, alleges that Lin – who worked at Genentech as a senior manager for 22 years – and Jordanov laid the groundwork to steal data from the company back in 2009.

Using information stolen from as early as 2009 by Xanthe Lam, and Allen Lam, a husband and wife team who worked at Genentech, Lin and Jordanov built up JHL in 2013, accelerating product development timelines, reducing costs, and so on.

Xanthe Lam and Allen Lam were indicted back in 2018 but didn’t plead guilty - to conspiracy and other charges related to the theft of trade secrets – until this week.

“The FBI will not tolerate the stealing of intellectual property and trade secrets to gain an advantage in the private sector,” FBI Special Agent in Charge Craig D. Fair said of the case this week. “This behavior is contradictory to American values and with our law enforcement partners, we will continue to pursue those who wish to make their profits off the backs of other’s hard work.”

Among the documents stolen by the husband and wife and obtained by Lin and Jordanov were several trade secrets.

To perpetuate the fraud further, in 2014, Lin and Jordanov used the stolen data to copy Genentech's standard operating procedures, or SOPs. In some instances, the indictment alleges that JHL had some of its employees simply cut out Genentech's logo from documents and have their own pasted on. This not only saved the company money but made its business look more legitimate.

In one instance, another Genentech employee, James Quach - acting as an agent for JHL - used Xanthe Lam's credentials to download files to a personal hard drive. In another, he went to Xanthe's home in South San Francisco and reportedly used Xanthe's credentials to download the company’s proprietary manufacturing protocols onto a USB drive. Quach was named in the 2018 indictment along with both Lams and John Chan, an individual who also conspired to steal the company’s trade secrets

According to the court filing, files flowed freely in both directions. In addition to a personal hard drive and USB device, Xanthe, on several instances also used her personal Gmail account to download JHL files to her Genentech laptop. She also emailed her husband technical Genentech files, claiming they were for Chan, who was working at JHL at the time.

Lin and Jordanov profited from their lies in 2016, according to the DOJ, after JHL entered a partnership with Sanofi, the French healthcare biotech firm. Under an agreement, JHL would manufacture and distribute biosimilars – essentially medicine or drugs that are similar to another already on the market – in China. To fulfill the transaction, Sanofi paid JHL $101 million - but this was done under false pretenses. Jordanov made no mention of the pilfered Genentech data or the fact that much of his company’s success at this point was attributable to misappropriated intellectual property.

While not mentioned in the DOJ press release, the indictment claims some of the data stolen relates to biosimilars of Genentech’s drugs, including Rituxan, Pulmozyme, Herceptin, and Avastin.

Genentech and JHL entered into a Memorandum of Understanding back in 2019, a year after Xanthe Lam and Allen Lam were indicted, that ordered JHL to not disclose or share any confidential information belonging to Genentech and halt development of any medicine associated with the company.

It’s worth noting that JHL Biotech technically no longer exists. The company is now two entities, Eden Biologics, Inc. and Chime Biologics (Wuhan) Co. Ltd; the company restructured in 2020.

According to the DOJ, both companies entered into a Non-Prosecution Agreement - essentially a tool the DOJ uses that doesn't result in any charges being filed against the company and doesn’t require the company to admit liability - with the U.S. Attorney’s Office.

In addition to trade secret theft charges, because of the fraud, Lin and Jordanov are also facing wire fraud and international money laundering charges as well. Both plead not guilty to all charges this week and are slated to appear before a judge in August.

Tags: IP theft

Recommended Resources


  • The seven trends that have made DLP hot again
  • How to determine the right approach for your organization
  • Making the business case to executives
  • Why Data Classification is Foundational
  • How to Classify Your Data
  • Selling Data Classification to the Business

Chris Brook

Chris Brook is the editor of Data Insider. He is a technology journalist with a decade of experience writing about information security, hackers, and privacy. Chris has attended many infosec conferences and has interviewed hackers and security researchers. Prior to joining Digital Guardian he helped launch Threatpost, an independent news site which is a leading source of information about IT and business security for hundreds of thousands of professionals worldwide.