Skip to main content

The Security Hot Seat: Intellectual Property

by Nate Lord on Tuesday March 21, 2017

Contact Us
Free Demo

IP in the Hot Seat after Hackers Charged with Theft of $100-200M in Xbox, U.S. Army Data

This week’s Hot Seat focuses on a hot target of late: intellectual property. Last Tuesday the Department of Justice announced that four hackers have been charged with stealing over $100 million in trade secrets, source code, technical specifications, software, and other data from Microsoft, the U.S. Army, and three independent video game companies. The stolen intellectual property includes Xbox One and Xbox Live data, simulation software used to train soldiers to fly Apache helicopters, and pre-release versions of popular video games Gears of War 3 and Call of Duty: Modern Warfare 3. The hackers planned to sell the stolen assets and have been charged with theft of trade secrets, copyright infringement, identity theft, and computer, wire, and mail fraud. Two of the four charged have already pleaded guilty, with over $620,000 seized in proceeds from the theft.

While most of the breaches that make headlines today involve customer or financial data, this one stands out as a less common story that could have even more serious consequences for the affected companies. As Assistant Attorney General Leslie R. Caldwell said in the DOJ announcement, “innovation is only valuable when it can be protected.” The cost of stolen IP as well as response efforts has been estimated in the $100-200 million range for companies involved, including Xbox, the Army, Epic Games, Valve Corporation, and Zombie studios.

Beyond the cost of lost assets and recovery, these companies could face loss of competitive advantage going forward. Last Tuesday’s announcement only provided details of affected products and software that have since been released on the market; any stolen data related to currently unreleased technologies will devalue those products if accessed by competitors or made public.

This case is also noteworthy as it is believed to be the first time a foreign national has been convicted for hacking into a U.S.-based company and stealing IP. David Pokora of Ontario, Canada pleaded guilty on Tuesday after being arrested on March 28 of this year when he attempted to enter the country In Lewiston, NY.

Tags:  Security Hot Seat

Recommended Resources

The Definitive Guide to DLP

  • The seven trends that have made DLP hot again
  • How to determine the right approach for your organization
  • Making the business case to executives

The Definitive Guide to Data Classification

  • Why Data Classification is Foundational
  • How to Classify Your Data
  • Selling Data Classification to the Business