A sportswear company in Oregon has alleged that a senior IT manager left a backdoor in its systems before departing to a business partner and illegally used that access almost 700 times for his new employer’s benefit.
In its complaint to a federal court in Oregon [PDF], Columbia Sportswear demanded a jury trial for Michael Leeper, who it alleged had illegally accessed highly confidential information to the benefit of a business parter, tech consulting firm Denali Advanced Integration, which Leeper had left to work for.
The accusation of betrayal notes that Leeper had been an employee at Columbia since May 2000, when he joined as manager of its desktop services team. He was subsequently promoted to senior director of technology infrastructure, from which he was responsible for maintaining Columbia’s global IT systems and dealing with technology vendors including Denali, for which he departed the sportswear business in 2014.
Just a day before leaving, however, Leeper allegedly created a network account under the name “Jeff Manning”, called “jmanning”, which provided him with remote access to Columbia’s network, including its VPN. Using this account, Leeper plundered Columbia nearly 700 times over the next two years, stealing corporate plans as well as information on its technology budget, all for the benefit of Denali as it competed for his former employer’s cash.
Columbia complained that Leeper and Denali had accessed information including emails concerning business transactions in which it had financial interests, stating: “Leeper illegally accessed that information in furtherance of Denali’s desire to profit from its business relationship with Columbia, and in his capacity as Denali’s CTO.”
Denali did not immediately respond to The Register’s requests for comment. The case is ongoing. ®
Source: SANS ISC SecNewsFeed @ March 6, 2017 at 06:09AM