Former Intel Employee Accused of Stealing Corporate Data Points Up Insider Threat

The alleged theft of trade secrets from Intel by a former employee offers yet another reminder of the importance of monitoring and controlling access to corporate data.

According to reports, ex-Intel engineer Biswamohan Pani has been accused by the FBI of stealing trade secrets from Intel while he secretly worked for the company’s chief rival, Advanced Micro Devices. The allegations were made in a criminal complaint filed in U.S. District Court in Boston in late August.

In an affidavit by FBI Special Agent Timothy Russell of the bureau’s Boston computer crime squad, it is stated that Pani told officials at Intel in May he was resigning to work for a hedge fund and would utilize accrued vacation time until his final official day June 11. However, allegedly, Pani began working for AMD June 2 and soon after accessed and downloaded 13 secret documents from an encrypted system at Intel.

When rumors that Pani was working for both companies began to circulate, Intel reportedly checked to see if Pani was accessing confidential documents and then called the FBI. A July 1 search of Pani’s home turned up eight Intel documents classified as confidential, secret or top secret, according to the affidavit.

Pani no longer works for AMD, and has denied any wrongdoing. But regardless, the accusations provide another clear example of the importance of keeping track of user access to confidential data.

Brian Cleary, vice president of products and marketing at enterprise access governance company Aveksa, argued that any user in that role with access to that type of information should have had those access rights immediately revoked after giving notice of resignation. However, as SailPoint Technologies CEO Mark McClain pointed out, as long as employees are in good standing it is common practice to allow them continued access while they are still employed.

“However, it makes sense to take mitigating steps because employees that have given notice should be considered higher than average risk,” McClain said. “For instance, it probably makes sense to monitor the activity of these employees, how they are using access.”