[ISN] Google Told To Reveal Gmail 'Spybox' Account Info In CTO Espionage Case

From: InfoSec News <alerts_at_private>
Date: Wed, 22 Oct 2008 05:03:11 -0500 (CDT)
http://www.informationweek.com/news/security/intrusion-prevention/showArticle.jhtml?articleID=211201988

By Thomas Claburn
InformationWeek
October 20, 2008

In a legal battle to document the alleged industrial espionage of its 
former chief technology officer, iMerge.nl has obtained a court order 
requiring Google (NSDQ: GOOG) to release information associated with a 
Gmail "spybox." IMerge is an e-commerce business incubator based in the 
Netherlands.

"The suspect was, until September 2006, active as CTO, and had designed 
the [company's] security network," said Martijn Hoogeveen, CEO of 
iMerge, in an e-mail. "It is always very difficult to protect against 
the threat from within."

The former CTO, Hoogeveen claims, had installed a "backdoor" server in 
the company's hosting center. Although the company had changed all the 
passwords when the suspect left the company, the backdoor server went 
undetected. It was revealed when a subsequent network audit showed that 
financial information had been copied to the server. It turned out that 
the server had been set up to forward information from a corporate 
director's mailbox to the so-called spybox, a Gmail account used as a 
document drop.

Hoogeveen said he'd had suspicions about the CTO, a former partner, for 
some time because the suspect had been harassing people associated with 
the company with information that he shouldn't have known. This included 
knowledge of negotiations about the sale of one of its e-retail company, 
TakeItNow.com, which had been successfully concluded and was being kept 
quiet through a nondisclosure agreement. The suspect claimed he was 
providing information about another iMerge company, ICEcat.biz, to one 
of the company's competitors.

[...]


__________________________________________________      
Register now for HITBSecConf2008 - Malaysia! With 
a new triple-track conference featuring 4 keynote 
speakers and over 35 international experts, this 
is the largest network security event in Asia and 
the Middle East! 
http://conference.hackinthebox.org/hitbsecconf2008kl/
Received on Wed Oct 22 2008 - 03:03:11 PDT

This archive was generated by hypermail 2.2.0 : Wed Oct 22 2008 - 03:17:03 PDT