FBI special agent Eric M. Proudfoot filed a criminal complaint on 9 July charging former Apple employee Xiaolang Zhang with the crime of stealing trade secrets from the tech giant.
Zhang, who began working for Apple at the end of 2015, was a hardware engineer working on Apple's autonomous vehicle development team. Details of the company's autonomous vehicle project have remained secret, with the company revealing little more than hints of project development to the press.
Because it was required in his role, Zhang had access to Apple's intellectual property, including confidential databases. Shortly after Zhang returned from paternity leave on 30 April 2018, he submitted his resignation to his immediate supervisor, explaining that he was moving back to China to work for XMotors, an intelligent electric vehicle startup.
Zhang was reportedly asked to return all of his corporate devices before being escorted off campus. "Apple security then immediately disabled Zhang's remote network access, badge privileges, network access and other employee accesses," according to the affidavit filed with the US District Court for the Northern District of California.
Prior to involving the FBI, an internal Apple team reviewed Zhang's network activity and building access activity across the Apple campus. The internal team found that only days before his return on 30 April, Zhang's network activity had "increased exponentially" compared to the entirety of his employment.
The anomalous activity prompted Apple to contact Zhang as part of a deeper investigation, which led to the company also contacting the FBI. During his investigation, Proudfoot conducted interviews and reviewed documentation including file listings, closed-circuit television images, physical-access-badge history and employee agreements, all of which led to his determination that there is probable cause to believe that Zhang had stolen trade secrets.
XMotors reportedly terminated Zhang and contended that Zhang did not pass along any of Apple's trade secrets, according to Reuters.
Cases of insider threats are not uncommon. According to 2018 Insider Threat Intelligence Report from Dtex Systems, 38% of the assessments run as part of the report found evidence of employees who were exhibiting flight-risk behaviors.
“The criminal complaint filed in this case is not only evidence of what the former Apple employee may have done, it is also proof of how easy it is for anyone with privileged access rights to steal confidential data from their employers,” said Dtex Systems CEO Christy Wyatt.
“Apple, Tesla, Waymo and the litany of other organizations that have been victimized by insiders lately shows that companies are doing a great job of piecing together wrongdoing after the fact," said Wyatt. "It also shows that business needs to be more aware of activities taking place as they happen.”