Suit Claims Ex-Consultant Stole 30,000 Files to Start Competing Firm | Digital Guardian

The Industry’s Only SaaS-Delivered Enterprise DLP

Our unique approach to DLP allows for quick deployment and on-demand scalability, while providing full data visibility and no-compromise protection.

No-Compromise Data Protection is:

  • Cloud-Delivered
  • Cross Platform
  • Flexible Controls
DATAINSIDER

Digital Guardian's Blog

Suit Claims Ex-Consultant Stole 30,000 Files to Start Competing Firm

by Chris Brook on Wednesday June 22, 2022

Contact Us
Free Demo
Chat

A new lawsuit alleges this consultant stole a library of data from his former employer - copying it from cloud storage to a USB drive - to start a competing firm.

Time and time again in trade secret and IP theft cases, you see former employees absconding with valuable data, secrets that organizations claim in court documents cost them thousands and sometimes millions to create.

It’s rare you see a case in which one party alleges the other stole nearly all of the organization’s data – a veritable library – but that seems to be the case in a complaint filed last week between two warring consulting firms.

In a suit recently filed in the United States District Court of the North District of Georgia, one consultancy, Young & Associates, which specializes in property damage estimating, claimed a former employee, Michael Walker, stole over 30,000 files to get a competing firm off the ground.

According to court filings, Walker testified in a recent deposition to downloading the contents of his Google Drive while still employed at YA, moving that data onto an external hard drive, then uploading it onto the network of his new firm, Undisputed Consulting, LLC. All of this was unknown to YA when Walker left the company in July 2021 to become a founding member of Undisputed, according to the complaint.

The stolen information included essentially all one would need to start a new business, including sensitive customer and contact lists, strategic business and marketing plans, internal financial documents, strategic budgets, sensitive customer data and estimating tools, according to the lawsuit.

The suit points out that Walker, like nearly every employee that works at an organization rich in data, signed off on an agreement that mandated that any confidential information he accessed be returned to the company at the end of his employment. He was given access to cloud-based, password-protected platforms that contained similar data, under the same pretense. Neither stopped him from stealing the data however, the lawsuit claims.

It wasn't clear that Walker's new firm would even compete with YA until some of its other consultants began jumping ship and bringing some of their customers with them. While the lawsuit obviously doesn't get into which customers have taken their business to Undisputed, it alleges the organization has "provided prohibited services to contractually-restricted customers within the six-month period after he ended his relationship with YA."

YA alleges Walker violated not just the Defend Trade Secrets Act but the Georgia Trade Secrets Act and Georgia's Computer Systems Protection Act; Walker is based out of Georgia. The firm is also claiming he breached his contract and engaged in tortious interference with contractual relations and civil conspiracy when he helped launch Undisputed.

The firm is asking for a trial by jury and for the court to award it money damages and relief, including preventing anyone associated with Walker from using their trade secrets.

While it’s of course too early to know how the lawsuit will play out, it will be fascinating to see how Walker’s admission that he uploaded the files from the external hard drive to his new company’s computing network so that he and others there could use the stolen information, will figure into the trial, if there is one.

Tags: Data Theft

Recommended Resources


  • Why Data Classification is Foundational
  • How to Classify Your Data
  • Selling Data Classification to the Business
  • How to simplify the classification process
  • Why classification is important to your firm's security
  • How automation can expedite data classification

Chris Brook

Chris Brook is the editor of Data Insider. He is a technology journalist with a decade of experience writing about information security, hackers, and privacy. Chris has attended many infosec conferences and has interviewed hackers and security researchers. Prior to joining Digital Guardian he helped launch Threatpost, an independent news site which is a leading source of information about IT and business security for hundreds of thousands of professionals worldwide.