Data needs to be kept safe and theft is a major threat. As a business, you should know this and be on top of it. Today, we’re going to talk about the ongoing trial of Xiaorong You that is happening in Greenville, Tennessee. This case is about the alleged stealing of trade secrets and the committing of economic espionage, including the stealing of BPA-free technologies from companies like Coca-Cola and the Eastman Chemical Company. The stolen technology in questions is worth $119.6 million.
We’re going to see how insider threat detection could have minimized the damages that You allegedly stole.
Working in the industry since 1992, Xiaorong “Shannon” You has a PhD in Polymer Science and Engineering. You worked for Coca-Cola from Dec. 2012-Aug. 2017 as a principal engineer for global research and moved to the Eastman Chemical Company to work as a packaging application development manager in Sept. 2017 until June 2018 when she was terminated from employment.
During this time working for both companies, You had access to secrets that many other employees didn’t. You took data from Coca-Cola, even though she said she didn’t, in writing and submitted them to the People’s Republic of China in her Thousand Talents program application. This is a program that has introduced new technology to China in the past.
The case states that You moved files to her private Google Drive account or took photos on her cellphone of secret data. She then worked with a Chinese national named Xiangchen Liu to create a company that would use these secrets to gain their own profit. They did this by using an Italian BPA-free manufacturer to use the stolen technology within their own products.
This thrift has affected Coca-Cola, the Eastman Chemical Company, Dow Chemical, AkzoNobel, Sherwin Williams, PPG, ToyoChem and TSI.
You was also filed on charges of economic espionage in Aug. 2020, after originally being brought up on charges relating to the theft of trade secrets.
How This Could Have Been Prevented
Let’s repeat the dates of the incidents:
You was terminated in 2017 but the indictment for her crimes didn’t take place until 2019. This suggests that it took several years to detect the theft.
Here are two reasons why this might have been:
- Coca-Cola might not have had the tools to detect the theft in real-time, which would make it difficult to prevent data from leaving the corporate environment.
- Coca-Cola also couldn’t prevent it because they lacked the policies to do so. These policies could have prevented non-authorized devices from entering workspaces and would have kept some of the data safe.
- Eastman Chemical Company terminated You much quicker, which may show that they had data protection standards that helped them realize something was wrong much faster.
Without Eastman Chemical’s detecting of You’s theft, the damages could have increased even more than the already $119.6 million. This goes to show that every company should have security protocols in place, even to protect against your own employees.
MyTek can help you utilize security systems to protect your company’s data from all kinds of theft. To learn more, call today at 623-312-2440.