Oracle charges 'corporate theft,' slaps SAP with lawsuit
But one analyst says it could be a 'tempest in a teapot'
Computerworld - Painting a picture of what it calls "corporate theft on a grand scale," enterprise software vendor Oracle Corp. today sued German software rival SAP AG, alleging that SAP "has stolen thousands of proprietary, copyrighted software products and other confidential materials that Oracle developed to service its own support customers."
In a 44-page lawsuit (download PDF) filed today in U.S. District Court in the Northern District of California, Oracle alleges that SAP "has copied and swept thousands of Oracle software products and other proprietary and confidential materials onto its own servers" as part of a plan to compile "an illegal library of Oracle's copyrighted software code and other materials."
"This storehouse of stolen Oracle intellectual property enables SAP to offer cut rate support services to customers who use Oracle software, and to attempt to lure them to SAP's applications software platform and away from Oracle's," the lawsuit alleges. Oracle said it filed the suit to "stop SAP's illegal intrusions and theft, to prevent SAP from using the materials it has illegally acquired to compete with Oracle and to recover damages and attorneys' fees."
A spokesman for SAP Americas declined to comment on the suit. "We have just been notified of the lawsuit, and have taken note of the Oracle press release. We are still reviewing the matter, and, until we have a chance to study the allegations, SAP will follow its standard policy of not commenting on pending litigation," said Bill Wohl.
The amount of damages being sought by Oracle was not revealed in the lawsuit.
The suit cites 11 claims, including allegations that SAP violated the Federal Computer Fraud and Abuse Act and the California Computer Data Access and Fraud Act; engaged in unfair competition; engaged in intentional and negligent interference with prospective economic advantage; and civil conspiracy.
The lawsuit also alleges that "SAP is engaged in systematic, illegal access to -- and taking from -- Oracle's computerized customer support systems. ... SAP gained repeated and unauthorized access, in many cases by use of pretextual customer log-in credentials, to Oracle's proprietary, password-protected customer support Web site."
The alleged incidents were discovered in late November 2006, according to the lawsuit.
The case may reflect a recent trend, as third-party support services firms try to lure IT managers away from getting their support from the original software vendor toward lower-cost options from other providers.
The lawsuit alleges that "the access and download activity Oracle observed on its systems in late November and December 2006 did not resemble the authorized, limited access to which its customers were entitled. Instead, SAP employees using the log-in credentials of Oracle customers with expired or soon-to-expire support rights had, in a matter of a few days or less, accessed and copied thousands of individual software and support materials."
- Big Data, Big Mess: Sound Risk Intelligence Through Complete Context This paper examines the insecurity of the small businesses in the supply chain and offers tips to close those backdoors into the enterprise.
- Using Cyber Insurance and Cybercrime Data to Limit Your Business Risk This paper examines the challenges of understanding cyber risks, the importance of having the right cyber risk intelligence, and how to use this...
- 5 Tips to Secure Small Business Backdoors in the Enterprise Supply Chain This paper examines the insecurity of the small businesses in the supply chain and offers tips to close those backdoors into the enterprise.
- Confront consumerization with convergence Virtualization expert Elias Khnaser spotlights the security, compliance, and governance issues that arise when enterprise users "consumerize" with shadow IT and public cloud...
- NSS Labs & Cisco Present: Evaluating Leading Breach Detection Systems Today's constantly evolving advanced malware and APTs can evade point-in-time defenses to penetrate networks. Security professionals must evolve their strategy in lockstep to...
- Will the Real Endpoint Threat Detection and Response Please Stand Up? This webinar explores new technologies & process for protecting endpoints from advanced attackers as well as the innovations that are pushing the envelope... All Legal White Papers | Webcasts