Reverse hacker case gets costlier for Sandia Labs
On top of $4.7M jury award, post-judgment interest adds $60,000 a month
Computerworld - A wrongful termination lawsuit against Sandia National Laboratories that resulted in a jury award of more than $4.7 million in damages to Shawn Carpenter, a former security analyst at the organization, may be getting even more costly for the labs.
A district court judge in the state of New Mexico, where the case was heard, recently awarded 15% per year post-judgment interest on the original award as allowed under state law. The amended final judgment means that interest in the amount of almost $60,000 per month is accumulating while Sandia's appeal against the jury award works it way through the courts.
Following that judgment, "Sandia is posting a supersedeas bond in the amount of $5.8 million to cover a year and a half of interest and the judgment," Carpenter said. Such a bond allows Sandia to delay payment of a judgment until the appeals process is over.
"The purchase price of the bond is face value, plus additional fees, and guarantees that they will pay the judgment should the appeals fail," Carpenter said. "We are trying to find out who is paying for all of this. The answer is most likely the taxpayers," he added.
Sandia officials have said they intend to appeal the amended final judgment to the New Mexico Court of Appeals and, if necessary, to the Supreme Court of New Mexico.
A Sandia spokesman today said the organization would "take all steps necessary" to pursue its right of appeal in the case. "While Sandia respects the jury process, Sandia maintains that the verdict in this case was erroneous," the spokesman said in an e-mailed comment.
"Like all employers, Sandia must retain the ability to discipline its employees when they take action in violation of law, refuse supervisory instructions or act without authorization," he said.
The spokesman said Sandia officials could not comment further because of the ongoing legal proceedings.
Carpenter worked as a network intrusion detection analyst at Sandia. He was fired in January 2005 for sharing information related to an internal network compromise with the FBI and the U.S. Army. Sandia alleged that Carpenter had inappropriately shared confidential information he had gathered in his role as a security analyst for the laboratory.
Carpenter said he had done so only for national security reasons. He said his independent investigations of a May 2004 breach had unearthed evidence showing that the intruders who had broken into Sandia's networks belonged to a Chinese hacking group called Titan Rain, which also had attacked other sensitive networks and stolen U.S. military and other classified documents. He claimed that he had tried in vain to get the information to the other agencies through proper channels at Sandia before deciding to share the information on his own.
After getting fired, Carpenter filed a wrongful termination lawsuit against Sandia. In February 2007, a New Mexico jury awarded Carpenter a total of more than $4.3 million in punitive damages and more than $400,000 in other damages. During the trial, the jury heard testimony about how a Sandia official had told Carpenter he would've been "decapitated" or how there "would at least be blood all over the office" if Carpenter had been working directly for him.
After the verdict, Sandia filed several post-trial motions, including one that asked for a new trial and another that asked the judge to reduce the amount of the jury award.
"During the course of litigation, we made several settlement offers, and they ignored all of them," Carpenter said. "The one offer they made wasn't even worthy of consideration," he said.
Read more about Security in Computerworld's Security Topic Center.
- Enable secure remote access to 3D data without sacrificing visual perfomance Design and manufacturing companies must adapt quickly to the demands of an increasingly global and competitive economy. To speed time to market for...
- Virtually Delivered High Performance 3D Graphics "A picture is worth a thousand words." That old phrase is as true today as it ever was. Pictures (i.e., those with heavy...
- Best Practices for Securing Hadoop Historically, Apache Hadoop has provided limited security capabilities. To protect sensitive data being stored and analyzed in Hadoop, security architects should use a...
- Top Tips for Securing Big Data Environments: Why Big Data Doesn't Have to Mean Big Security Challenges Organizations must come to terms with the security challenges they introduce. As big data environments ingest more data, organizations will face significant risks...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!