A lawsuit unsealed this week alleges that IBM was hacked multiple times by foreign governments and did not disclose the breaches.
William Barlow, who served as IBM's vice president of threat intelligence until August 2019, is accusing the company of covering up the incidents. According to his complaint filed in 2020, Chinese hackers breached IBM's core network repeatedly between 2013 and 2016, but IBM allegedly did not disclose the breaches.
Barlow claims at least two IBM subsidiaries were also hacked and the company covered them up. The complaint states that IBM's core network "was routinely hacked by foreign state actors," with data stolen and government agencies not informed.
The alleged attackers were APT 10, a Chinese government-linked hacking group that targeted corporations globally, according to the FBI. Barlow's lawsuit reveals that these hackers broke into IBM's network and data maintained in partnership with AT&T.
In March 2017, intelligence officials from the Five Eyes alliance (Australia, Canada, New Zealand, the United States, and the United Kingdom) tipped off IBM about the breach. An internal investigation allegedly concluded that APT 10 hacked IBM's systems over 56,000 times between 2013 and 2016.
IBM allegedly could not investigate properly because it had not kept basic security logs tracking who accessed its network and when. The company then allegedly did not alert any authorities or the U.S. government, one of its biggest customers.
IBM's response to TechCrunch: the complaint was filed six years ago and the Justice Department declined to intervene. IBM says its actions "followed the letter of the law." Observers question whether that standard is sufficient when the company is a major cybersecurity vendor to the federal government.
