Microsoft Ex-Employee Arrested for Windows 8, Other Leaks

The police nabbed a former Microsoft employee who allegedly leaked early builds of Windows 8 and an SDK for the company's product key activation server.

Download the authoritative guide: Big Data: Mining Data for Revenue

Microsoft Leak

An ex-employee of Microsoft, Alex Kibkalo, was arrested in Seattle March 19 on charges that he leaked early, pre-release Windows 8 code and copied a confidential software development kit (SDK) used in the software giant's Activation Server Software, which provides product key validation services.

According to his LinkedIn profile, Kibkalo, a Russian national, had worked at Microsoft as a software architect in Russia and Lebanon from May 2005 to September 2012. He is most recently listed as the director of product management at 5nine Software, a Microsoft Hyper-V virtualization management specialist.

A criminal complaint, filed March 17 with a U.S. District Court in Seattle, charges Kibkalo with the theft of trade secrets on or around Aug. 18, 2012, while he was still employed at Microsoft. "Investigators contend Kibkalo was also caught bragging about leaking Windows 7 program files, as well as an internal system meant to protect against software piracy," reported Seattle PI March 19.

The ex-staffer also appears to have been behind some of the most revealing leaks surrounding Windows 8 well before its launch on Oct. 26, 2012. "Kibkalo is alleged to have leaked Windows 8 code to a French technology blogger in mid-2012, prior to the software's release," said the report.

Microsoft began closing in on Kibkalo after the blogger sought to confirm the leaked SDK's authenticity with a Microsoft employee on Sept. 3, 2012. Instead, the employee brought the matter to a Microsoft executive.

According to the court documents, Kibkalo admitted to Microsoft investigators on Sept. 24, 2012, that he provided a French technology blogger with insider information and documents via Microsoft's own SkyDrive (now OneDrive) cloud storage service. In addition to the SDK, unreleased Windows 8 hotfixes and versions of Windows Live Messenger were among the products he admitted to stealing, according to the filing.

"Microsoft came to believe Kibkalo sent the software development kit to the French blogger and encouraged the blogger to share it online so others could crack protections on Microsoft products, the FBI agent said in charging papers unsealed Wednesday," stated the Seattle PI report.

Recovered instant messages also pointed to his involvement. According to the newspaper, investigators found the following exchange:

"I would leak [Windows Server} enterprise today probably," Kibkalo told the blogger during an Aug. 2, 2012 exchange, according to charging papers.

"Hmm," the blogger replied. "Are you sure you want to do that? Lol."

Told the leak would be "pretty illegal," Kibkalo is alleged to have responded "I know :)"

Hinting at one possible motivation behind his action, the report said that "Kibkalo was apparently angry over a poor performance review."

Microsoft's performance reviews were notorious for their use of "stack ranking," a system that reportedly damaged employee morale and stifled innovation at the company. Stack ranking essentially forced managers to grade, or rank, their subordinates in comparison to one another. Under the system, brilliant and hardworking coders risked being labeled underperformers if they didn't measure up to elite developers on their teams.

Microsoft nixed the controversial personnel review system last year, before former Microsoft CEO Steve Ballmer's departure, but it was in effect during Kibkalo's tenure.

Pedro Hernandez

Pedro Hernandez

Pedro Hernandez is a contributor to eWEEK and the IT Business Edge Network, the network for technology professionals. Previously, he served as a managing editor for the network of...