Former DuPont worker gets 18-month sentence for insider data thefts
Federal judge also orders scientist to pay $45,000 in fines and restitution
Computerworld - A former DuPont research scientist who admitted a year ago that he illegally accessed and downloaded confidential documents valued at close to $400 million while he worked at the company was sentenced yesterday to 18 months in prison.
A U.S. District Court judge in Wilmington, Del., also ordered Gary Min, the scientist, to pay a $30,000 fine and $14,500 in restitution to DuPont. The sentence is substantially less than the maximum of 10 years in prison and a $250,000 fine that Min could have received.
Min, who also uses the first name Yonggang, pleaded guilty last November to stealing trade secrets from DuPont. His guilty plea became public in February, when the U.S. attorney's office in Delaware officially unsealed court documents relating to the case. Min originally was scheduled to be sentenced on March 29, but the sentencing was delayed until this week.
Robert Kravetz, an assistant U.S. attorney in Delaware, said Min's sentencing was put off while prosecutors held about 10 debriefing sessions with him in an effort to "get a handle on all of the DuPont technology that he had access to" and how much of the downloaded information had been transferred to systems given to Min by the company he joined after leaving DuPont.
Kravetz called Min's sentence fair and said that the case shows why it's important for companies to quickly contact law enforcement authorities when data breaches occur. "DuPont reached out at the outset, and that ensured that none of the technology [data] was disseminated," he said. "What DuPont did here was a really good job."
Federal agencies such as the FBI and the U.S. Department of Commerce have investigative tools at their disposal that companies typically don't have, Kravetz added. As a result, they're in a better position to resolve cases such as the one involving Min, he said.
The DuPont case highlighted the security dangers that organizations can face from trusted insiders. Min started working at DuPont in November 1995 and focused mainly on research involving a certain type of high-performance film. Then, in June 2005, he started talking with a U.K.-based company called Victrex PLC about possible job opportunities in Asia, according to court documents.
Min accepted a job with Victrex in October 2005 but didn't notify DuPont that he would be leaving until that December. Court records show that during the time he was in discussions with Victrex and for two months after he agreed to join that company, Min used his privileged access at DuPont to download about 22,000 document abstracts from DuPont's Electronic Data Library (EDL) system and to view approximately 16,700 full-text PDF files.
- Transforming Information Security: Future-Proofing Processes This report provides a valuable set of recommendations from 19 of the world'd leading security officers to help organizations build security strategies for...
- The Evolution of Corporate Cyberthreats Cybercriminals are creating and deploying new threats every day that are more destructive than ever before. While you may have more people devoted...
- 3 Questions to Ask Your DNS Host about Lowering DDoS Risks Neustar has had wide-ranging conversations with clients wanting to know how they can optimize protection as DDoS attacks increase in frequency and size.
- The Danger Deepens: 2014 Neustar Annual DDoS Attacks and Impact Report This report compares DDoS findings from 2013 to 2012, based on a survey of 440 North American companies, including 139 businesses delivering technology...
- Establish Cyber Resiliency: Developing a Continuous Response Architecture Many enterprises fail to proactively prepare the battlefield for a data breach by only leveraging outdated techniques that focus on the perimeter or...
- An Incident Response Playbook: From Monitoring to Operations As cyber-attacks grow more sophisticated, many organizations are investing more into incident detection and response capabilities. In this webcast, learn how to develop... All Cybercrime and Hacking White Papers | Webcasts