Former DuPont worker gets 18-month sentence for insider data thefts
Federal judge also orders scientist to pay $45,000 in fines and restitution
Computerworld - A former DuPont research scientist who admitted a year ago that he illegally accessed and downloaded confidential documents valued at close to $400 million while he worked at the company was sentenced yesterday to 18 months in prison.
A U.S. District Court judge in Wilmington, Del., also ordered Gary Min, the scientist, to pay a $30,000 fine and $14,500 in restitution to DuPont. The sentence is substantially less than the maximum of 10 years in prison and a $250,000 fine that Min could have received.
Min, who also uses the first name Yonggang, pleaded guilty last November to stealing trade secrets from DuPont. His guilty plea became public in February, when the U.S. attorney's office in Delaware officially unsealed court documents relating to the case. Min originally was scheduled to be sentenced on March 29, but the sentencing was delayed until this week.
Robert Kravetz, an assistant U.S. attorney in Delaware, said Min's sentencing was put off while prosecutors held about 10 debriefing sessions with him in an effort to "get a handle on all of the DuPont technology that he had access to" and how much of the downloaded information had been transferred to systems given to Min by the company he joined after leaving DuPont.
Kravetz called Min's sentence fair and said that the case shows why it's important for companies to quickly contact law enforcement authorities when data breaches occur. "DuPont reached out at the outset, and that ensured that none of the technology [data] was disseminated," he said. "What DuPont did here was a really good job."
Federal agencies such as the FBI and the U.S. Department of Commerce have investigative tools at their disposal that companies typically don't have, Kravetz added. As a result, they're in a better position to resolve cases such as the one involving Min, he said.
The DuPont case highlighted the security dangers that organizations can face from trusted insiders. Min started working at DuPont in November 1995 and focused mainly on research involving a certain type of high-performance film. Then, in June 2005, he started talking with a U.K.-based company called Victrex PLC about possible job opportunities in Asia, according to court documents.
Min accepted a job with Victrex in October 2005 but didn't notify DuPont that he would be leaving until that December. Court records show that during the time he was in discussions with Victrex and for two months after he agreed to join that company, Min used his privileged access at DuPont to download about 22,000 document abstracts from DuPont's Electronic Data Library (EDL) system and to view approximately 16,700 full-text PDF files.
- Comprehensive Advanced Threat Defense The hot topic in the information security industry these days is "Advanced Threat Defense" (ATD). This paper describes a comprehensive, network-based approach to...
- Advanced Threat Defense: A Comprehensive Approach In this interview, Peter George, president, General Dynamics Fidelis Cybersecurity Solutions, explains why we need more than anti-malware, and what constitutes a comprehensive...
- 2013 Cyber Risk Report The "Cyber risk report 2013 Executive summary" presents the major findings of HP Security Research's comprehensive dive into today's cyber vulnerability and threat...
- Cybersecurity for Dummies eBook This book provides an in-depth examination of real-world attacks and APTs, the shortcomings of legacy security solutions, the capabilities of next-generation firewalls, and...
- Live Webcast Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- It's not too late...Get Your Mobile Questions Answered Live! How can IT provide seamless and secure mobile communications and collaboration for all? Join this live Webcast as IDG asks an expert panel... All Cybercrime and Hacking White Papers | Webcasts