The Most Comprehensive Data Protection Solution

Discover, classify, and protect your data from all threats with the only Gartner Magic Quadrant DLP and Forrester Wave EDR Leader.

First and Only Solution to Converge:

  • Data Loss Prevention
  • Endpoint Detection and Response
  • User and Entity Behavior Analytics
DATAINSIDER

Digital Guardian's Blog

Ex-Pipeline Workers Charged with Stealing Data for Competing Firm

by Chris Brook on Thursday October 31, 2019

Contact Us
Free Demo
Chat

These ex-employees copied company trade secrets onto private storage devices then bragged that their new business would soon be competing with it.

A leading oil and gas pipeline company is suing two of its former employees after they left the company and allegedly took over one million of the company's files with them.

Until the end of August, Andre Filiatrault and Zachary McKee worked for ABB, Inc., a multinational corporation that specializes in telecoms and control systems for oil and gas pipelines.

According to a complaint filed last week in a Texas court and obtained by Data Insider, the two abruptly resigned two weeks ago and joined JRGO LLC, a Michigan-based firm that operates in a similar capacity to ABB by developing and designing systems for water and wastewater. According to the complaint, the pair spared no gusto on their way out the door, informing ABB that JRGO would soon be competing with ABB's oil and gas pipeline business.

When ABB reviewed Filiatrault and McKee's activity, the company discovered the two had downloaded thousands of files onto electronic storage devices. According to the complaint, Filiatrault downloaded at least 8,100 files while McKee appears to have downloaded more than 1.2 million, much of them containing “confidential, trade secret files belonging to ABB.”

It can be argued JRGO isn't a direct competitor to ABB; the company appears to mostly focus on water pipeline management. Yet when Filiatrault told his manager, Neal Bishop, he was leaving, he told him it was to help JRGO to start an oil and gas pipeline inspection business and that it'd "soon be competing" with ABB for its business.

As ABB points out in its complaint, the company is one of the world's leading suppliers to the oil and gas transportation industry. Its systems carry hydroelectricity from the Pacific Northwest to metro Los Angeles, it has a factory in Michigan that cranks out industrial robots, and its technology figures into a number of oil and gas fields across the country.

Judging by the complaint, it sounds as if the two took information like company pricing data, employment files, and information on a business initiative and proprietary software.

The software, PITware, was originally developed by General Electric but owned by ABB and by all intents and purposes, considered a secret. The software - really more of an analytic tool - helps parse pipeline data and can be used to verify and predict anomalies and defects in oil and gas pipelines.

It's unclear - for obvious reasons - what the business initiative, named Fire Tube Files, is. According to the complaint the files contain data and business plans that "provide ABB's oil and gas pipeline inspection business with a competitive advantage over competitors or those seeking entry into the field" and are considered confidential.

Both Filiatrault and McKee had "complete access to all of ABB's confidential business information, including the PITware software and its source code, ABB's pricing information, employment files and Fire Tube Files," something which made it easy for them to copy many of the files onto their work machines, then onto a non-ABB storage device.

The court filing makes it clear that the two weren't authorized to use the data and that JRGO knew, or should have known that the two had access to it upon agreeing to hire them. The pair are being charged with violating the Defend Trade Secrets Act, the Texas Uniform Trade Secret Act, and the Computer Fraud and Abuse Act.

While the company had a data loss prevention solution in place - according to the complaint, DLP reports revealed "significant risk of improper activity" - it didn't stop Filiatrault and McKee from taking the data in the first place. It certainly helps that forensic analysis was able to identify the wholesale copying of the company's trade secrets, it appears something went awry - perhaps a misconfigured policy – when it came to stopping outright data theft.

It's possible that having a more robust solution in place, one that can see and stop data theft, could have stopped the employees from moving the files, let alone copying them to a storage device.

Tags: Industry Insights, Data Theft

Recommended Resources


  • Why Data Classification is Foundational
  • How to Classify Your Data
  • Selling Data Classification to the Business
  • How to simplify the classification process
  • Why classification is important to your firm's security
  • How automation can expedite data classification

Chris Brook

Chris Brook is the editor of Data Insider. He is a technology journalist with a decade of experience writing about information security, hackers, and privacy. Chris has attended many infosec conferences and has interviewed hackers and security researchers. Prior to joining Digital Guardian he helped launch Threatpost, an independent news site which is a leading source of information about IT and business security for hundreds of thousands of professionals worldwide.