Allegro MicroSystems LLC is suing a former IT staff for sabotaging its database using a what is referred to as a”Time bomb“.
The aim was to delete crucial financial data in the first week of the new fiscal year. The lawsuit was filed in August 2016 and is currently ongoing.
The defendant is a man named Nimesh Patel from Shrewsbury, Massachusetts, who worked for Allegro between August 26, 2002, and January 8, 2016.
Patel was one of Allegro’s many IT employees in charge of the company’s database, one being the Oracle finance module, which the company used to manage the financial side of its business.
Patel left his job in 2016 after 14-years of employment at Allegro, over the course of the 14 years Patel received three laptops from his employer. The third being a personal device
Upon resigning Patel returned only one of the two business laptops. When staff at Allegro found out about the missing business laptop, they ordered for it’s return. In response Patel returned the older laptop, meant for personal use, after he wiped the hard drive.
Patel then entered the grounds of the Allegro headquarters in Massachusetts, within just enough to be in range of the factory’s WiFi network and then used his colleague’s credentials to gain access Allegro’s network.
Being a senior administrator Patel had access to usernames and passwords to colleagues accounts and kept them in a word document.
Patel planted a “Time bomb” While connected to factory’s network on January 31, Allegro claims Patel, who was one of the two people in charge of Oracle programming, uploaded a “Time bomb” to the company’s Oracle finance module.
14 days after the unauthorized access IT staffers found Patel’s malicious code after comparing the current database with a copy from older backups.
After investigating they tracked the unauthorized access to Patel’s second business laptop based on the device’s electronic fingerprint login technology
Allegro said it paid in excess of $100,000 to fix its systems after Patel’s sabotage and is now suing Patel asking for damages and punishment involved in the cost of mitigating his ‘Time Bomb’, but also for trespassing and accessing of the network without authorization.