End User Robbed, Seeks ADT Inside Leak

CP
Carlton Purvis
Published Mar 25, 2014 04:00 AM
PUBLIC - This article does not require an IPVM subscription. Feel free to share.

New documents obtained by IPVM in the ongoing ADT/Tyco vs. Eli Lilly case, the biggest pharmaceutical heist in American history where $75 million worth of drugs were stolen from an Eli Lilly distribution center in Connecticut, indicates that the plantiffs are going after an ADT inside leak.

In this note, we dig into those court documents and contentions.

Background

Eli Lilly's insurance company, National Union, says the burglars, who have since been arrested, exploited vulnerabilities that were highlighted in a prior ADT audit, leading the company to believe ADT is partially at fault.

It also claims that there is a pattern of ADT customers being burglarized shortly after have vulnerability assessments. The complaint includes narratives of burglaries in Orlando, Grand Prairie, Texas and East Peoria, Illinois. In all of the burglaries, which go as far back as 2008, the facilities had been recently audited by ADT.

The lawyer for one of them men charged with the burglary (who plead guilty) says there is no evidence that her clients had ADT’s security plans for the facility.

Discovery

National Union and Eli Lilly are focused on finding a leak in ADT as a source for the information, recently filed discovery documents show. Among the items ADT is being asked to produce are:

  • All audit logs for ADT servers and databases, “copies of all reports and results from cyber penetration tests, security assessments and risk analysis performed between 2008 and 2010 of ADT’s network
  • “Copies of all documents regarding insider threat countermeasures for cyber, physical or other security that were/are in use by ADT for the year prior to and at the time of the break-in at Eli Lilly’s warehouse”
  • All documents regarding background checks performed on personnel who had access to the Eli Lilly security information
  • “Guidelines to employees about the handling of sensitive documents, including traveling with sensitive documents, taking/working with them at home, shredding them, and disposing of them in the trash.”
  • Copies of all logs of after-hours work or access to ADT computers
  • Policies of how computer hardware is destroyed
  • Acess to anyone who responsible for securing security documents and people who had access to the warehouse security information and were every fired from the company.

Here is the full document. The last two questions are pretty interesting and seem targeted to finding an insider or what ADT was doing to protect from insider threats:

Are these questions specific enough to indicate National Union and Eli Lilly know something or is this a fishing expedition?

National Union, Eli Lilly’s insurance company in the past has declined to comment on pending litigation.

Comments are shown for subscribers only. Login or Join