End User Sues ADT/Tyco For $42 Million

Author: Carlton Purvis, Published on May 06, 2013

It was the biggest drug heist in American history. Burglars drove an 18-wheeler up to the Eli Lilly distribution center in Enfield, Connecticut, disabled its security system, rappelled through the roof and made off with $75 million in pharmaceuticals. [UPDATE May 7, 2013 - case dismissed, then refiled with new claims against ADT / Tyco].

Last summer, the U.S. Attorney’s office indicted 11 people for selling drugs stolen from the facility, but the burglary case has centered around the Villa brothers, Amaury and Amed, who are now awaiting trial in Connecticut

Eli Lilly’s insurance company, National Union Fire Insurance, is suing Tyco and ADT to recover money it paid out after the heist. National Union believes ADT’s failure to protect sensitive security information led to the heist and is asking for $42 million in damages. In this note, we review the complaint and situation.

Background

According to court filings, ADT has provided security equipment and monitoring for Eli Lilly’s Enfield locations since 1974. In August 2004, ADT reviewed the distribution center’s security system and provided Eli Lilly with a report that included an inventory of all its existing security equipment and suggestions for additional surveillance. Later than year, Eli Lilly signed a 5-year contract with ADT to implement the improvements noted in the report. The contract included annual inspections and reports.

In 2009, ADT again evaluated the Enfield facility, this time to “review of the adequacy of the services provided” under the 2004 contract.

** ******** ** *** **** ******, ***** *** *** ******* any **** ** ******** ** *** ******** ** ********* *** vulnerabilities, *** **** *** ******** ******** *********** ** ****** *********, their *********** *****, *** ***** ****** ***** ****. ** ******** blueprints ** *** ******** ****** **** *********** ** “***** ****** detector, ****, **** *****, ********, ******** **** *******, ***** ******, panic ******, **** ********, ***** ***** ******, *******, ******* ***** and ******,” ********* ** *** ********* **** ******** *****. *** ****** also ***** **** *** ****** ******* **** *** *** ******* by ******* ** ****** *********.

*** “******** * ******** *** ******** ****** ** *********’* ******** security ****** ******* * “************* ***** ** ***** ******** ************* and **** ******** ** **** ******,” *** ********* ****. **** **** a ***** ***** *** ****** *** ******* ******* **** *** with * *******-******* ***** ** ***************.

Too **** ************?National Union believes thieves had access to the report and here is why (see the **** *********):

  • ***’* ******* *** ***** ** **** *****, *******. *** *** men ******** *** *** ******** **** **** *******.
  • ******* ** *** *********** ******** ****** *** *******-******* ** *** only ******* **** ******* ** **** ** *** ********'* ************ cameras.
  • *** ******** ******* ****** ****** ** *** **** *** ******* by ******* * * **** ** * **** **** ***** the ****** ******* **** -- *** **** **** *********** ** the **** ****** *** *** **** **** ****** *** ******** not ******* ** ************ *********. ****, **** ******** *** ******** system.

*** ** **** ******** ** **************, *******, *** ***** **** not **** *** **** ******* **** *** ***** ***** **** leaked *** ***** **** ** ****** ** ******* **** ***. But ******** ***** ******** ******* ***** ***-******* ********** **** *** had * **** *** *****. 

*** ********* ******** ********** ** ********** ** *******, ***** *******, Texas *** **** ******, ********. ** *** ** *** **********, which ** ** *** **** ** ****, *** ********** *** been ******** ******* ** ***.

**** ** ****** *****, *** *** ******** *** *** *** Lilly ****, **** ********* ** *** ** ****. ****** *****’* lawyer **** *** ******** ***** ** ******** ***** ***** ********** *** ******** ***** ******** ***** ***** *** *********.

******** ***** ******** **** ***'* ******* ** ********** ******* ** sensitive ************ *********** ** * ******** ** ******* *********** ** the ****. *** *******: *** **** * ************* **********, **** not **** *****, * ******** ** *********** ** ******* **** advanced ********* ** ******** *******. 

Feedback **** ******** ***** / *** *****

* ************ *** *** ***** ******** *** ********* ******* ** the **** ** ******** *****. * ************ *** ******** ***** said **** ** *** **** ***** ******* **********, *** ** would *** **** ********** *********** ** ***** ******* **** ***** what ***** ******* ** *** ********* ******** ***** *** ** ADT’s **********.  

******** ***** **** *** *** ***** ***** *** *********** *** ADT ** ********* *** ******* ** ***** *** ******* ** the ********** ********* ******** ***** ******* *** ******* ** ********* sensitive ***********. *** “*** * **** ** *** **** *** knowledge **** ******** ********** ** ********** ** ***** ** ******** security ********, *** ***** ***** ********* ************ *********** ***** *** details ** *** ******** ******* ** *********,” *** ********* *****. 

How *** ********* ******** ********* ****** ***********?

* **** ********** ******* ************** **** ** ** *** **** that **** ***** *** ***** ************ ** *** *** ***** case, *** **** ** *** ******* *** ***** ***** ** reviews ** ******* ******** *********** **** ***** ***** *** ***************. They ******* ******* * **** ** *********** ********* *** **** sometimes **** ******** *********. 

**** ********* ******* *** ********, **** *** ****** ** * secure ******* ********** ** **** **** ********* *** *************** *** not ******** *** ** *****. *** ******** ******* **** *** discussed ** ****** ** ** *** *****, **** ****. 

“** *** * *** ** ****** **** **** *********,” *** Tyco ************** ****. “**** ****** **** * **** ** ***** loss ********** ****** ***************.”

UPDATE: **** *********

** ***** ****, ******** ***** *********** ********* *** **** ******* Tyco *** ***,********* ** ***** ********* ******** *********. **** ***** *** ***** ***** **** ****** ****** ** *******. ** *** ******, **** **** *** *****’* ******** **** National ***** ****** ** **** ***** ** *** *****’* ******. Additionally, *** ****** **** *** **** *** ******* ***** ***********’* statute ** *********** *******.

* ****** *** ******** ***** ********* **** ********* **** *** case *** *********, *** ** “**** ** *** ** *** Florida ******.”

******: *******

*** **** *** *** **** ***** ** *******. ****** *** ****, ******** ***** ******** **** ****** *** **** ***** *** access ** ***'* *******. ***** ***** *****, *** *****'* ******, **** *** still **** *** **** **** ********, ** ***, ******** ***** has ********** **** ** ****** ******** *****. ***** *** *****, she ****, *** *** ***** ***** ** *** ******* ****** Eli ***** ******** ***** ** **** ** *** **********. 

“***** ********** ****’* ********. ***** *** ****** ****** *** ** civil ********** **** ****’* ****** ****,” **** *****’* ******. ***** said ******** ***** ** **** ***** *** ******.

Comments (1)

Thumbnail pp 5

Brian Rhodes

IPVMU Certified | 04/17/13 02:07pm

Whether the modality of the crime fits with an unsecured security assessment, it does provide a good opportunity for everyone to assess how this information is kept.

In so many cases, 'conveinience' DOES NOT EQUAL 'secure'. Keeping these reports locked up behind firewalls and granting file access on explicit permissions seems to be especially prudent. Making a point to demonstrate the data security of this information to (potential) customers/management might put them more at ease.

Having copies of these docs floating around unsecured on laptops or cell phones invites nightmarish trouble!

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports

GDPR / ICO Complaint Filed Against IFSEC Show Facial Recognition on Jun 20, 2018
IPVM has filed a complaint against IFSEC’s parent company UBM based on our concern that the conference violates core GDPR principles on...
Remove Dahua and Hikvision Gov Installs Required By US House Bill Ban on Jun 06, 2018
The final released US House Bill HR 5515 verifies that it not only prohibits the purchasing of Dahua and Hikvision products, it requires removing...
Panasonic Sells Security Camera Patents To Troll on Jun 04, 2018
In a highly atypical move, Panasonic has sold off nearly 100 security camera patents to one of the most well-known patent trolls. This comes just...
Amazon's "Dangerous New Face Recognition Technology" Says ACLU on May 23, 2018
The ACLU has caused a stir, with a new report Amazon Teams Up With Law Enforcement to Deploy Dangerous New Face Recognition Technology,...
GDPR For Video Surveillance Guide on Apr 12, 2018
The European Union’s General Data Protection Regulation (GDPR) comes into force on May 25, but there is much confusion and no clear guidelines on...
Audio Usage In Video Surveillance Statistics on Mar 28, 2018
Audio is more widely available and easier to use than ever, with many IP cameras building audio in and often making integration as simple as...
Axis Wins, Arecont Cancels Multi-Imager Patent on Feb 26, 2018
16 months after Arecont publicly threatened Axis and 7 months after Axis took Arecont to patent 'court', Axis has won, with Arecont canceling all...
The Interceptor Aims To Fix Vulnerability In Millions of Alarm Systems on Jan 08, 2018
Security executive Jeffery Zwirn claims a 'catastrophic' flaw exists in 'millions of alarm systems', and dealers could be liable if not fixed. The...
Chinese Government Attacks Western Reports on Jan 03, 2018
The Chinese government is angry at the BBC and WSJ's reporting on Chinese video surveillance (see BBC Features Dahua and WSJ Investigates China's...
Avigilon / Canon New Lawsuits, No Settlement on Oct 11, 2017
In July, Canon sued Avigilon, a notably rare move amongst major players in the industry, including Canon's subsidiaries Axis and Milestone. At...

Most Recent Industry Reports

Installation Hardware for Video Surveillance - Indoor Fasteners on Jun 22, 2018
As part of our Installation for Video Surveillance series, in this note, we cover drywall anchors. A key part of installing security hardware is...
Hikvision ColorVu Integrated Visible Light Cameras Examined on Jun 22, 2018
When it comes to low light, infrared light has become the defacto standard in surveillance. But IR is limited to monochrome images, making colors...
Last Chance - Save $50 - July 2018 IP Networking Course on Jun 21, 2018
Today, Thursday the 21st is the last chance to save $50 on registration. Register now and save. This is the only networking course designed...
'Secure Channel' OSDP Access Control Examined on Jun 21, 2018
Despite claiming to be better than Wiegand, OSDP's initial releases did not address the lack of encryption between reader and controller, leaving...
Most Wanted Improvements In Manufacturer Technical Support (Statistics) on Jun 21, 2018
5 key areas of improvement and 1 clear wanted support feature were voiced by 140+ integrator responses to: What improvement in manufacturer...
GDPR / ICO Complaint Filed Against IFSEC Show Facial Recognition on Jun 20, 2018
IPVM has filed a complaint against IFSEC’s parent company UBM based on our concern that the conference violates core GDPR principles on...
IFSEC 2018 Final Show Report on Jun 20, 2018
IPVM attended the IFSEC show for the first time this year. The Chinese have taken over the UK, centered on Hikvision, flanked by Dahua, Huawei and...
Mobotix Releases 'Move' Into 21st Century on Jun 20, 2018
For years, Mobotix stood resolutely against, well, every other manufacturer, selling it as a virtue: MOBOTIX equipment is designed with no...
Cybersecurity Startup VDOO Disclosing 10 Manufacturer Vulnerabilities Starting With Axis And Foscam on Jun 20, 2018
Cybersecurity startup VDOO has uncovered significant vulnerabilities in Axis cameras along with many others not yet disclosed. In this report, we...
Axis Guardian - Cloud VMS And Alarm Monitoring - Released on Jun 19, 2018
Axis has struggled to deliver a cloud-based managed service video platform. Video service providers have utilized AVHS for over a decade, and have...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact