End User Sues ADT/Tyco For $42 Million

By: Carlton Purvis, Published on May 06, 2013

It was the biggest drug heist in American history. Burglars drove an 18-wheeler up to the Eli Lilly distribution center in Enfield, Connecticut, disabled its security system, rappelled through the roof and made off with $75 million in pharmaceuticals. [UPDATE May 7, 2013 - case dismissed, then refiled with new claims against ADT / Tyco].

Last summer, the U.S. Attorney’s office indicted 11 people for selling drugs stolen from the facility, but the burglary case has centered around the Villa brothers, Amaury and Amed, who are now awaiting trial in Connecticut

Eli Lilly’s insurance company, National Union Fire Insurance, is suing Tyco and ADT to recover money it paid out after the heist. National Union believes ADT’s failure to protect sensitive security information led to the heist and is asking for $42 million in damages. In this note, we review the complaint and situation.

Background

According to court filings, ADT has provided security equipment and monitoring for Eli Lilly’s Enfield locations since 1974. In August 2004, ADT reviewed the distribution center’s security system and provided Eli Lilly with a report that included an inventory of all its existing security equipment and suggestions for additional surveillance. Later than year, Eli Lilly signed a 5-year contract with ADT to implement the improvements noted in the report. The contract included annual inspections and reports.

In 2009, ADT again evaluated the Enfield facility, this time to “review of the adequacy of the services provided” under the 2004 contract.

In contrast to the 2004 report, which did not include any maps or diagrams of the facility or highlight any vulnerabilities, the 2010 one included detailed information on camera locations, their directional views, and items within their view. It included blueprints of the facility marked with coordinates of “every motion detector, beam, roof hatch, intercom, overhead door contact, fixed camera, panic button, card recorder, glass break sensor, contact, control panel and keypad,” according to the complaint from National Union. The report also noted that the master control room was not covered by cameras or motion detectors.

ADT “compiled a complete and thorough report of Plaintiff’s existing security system created a “comprehensive guide to every security vulnerability and flaw inherent in that system,” the complaint says. Less than a month after the report was created someone made off with a tractor-trailer worth of pharmaceuticals.

Too Many Coincidences?

National Union believes thieves had access to the report and here is why (see the full complaint):

  • ADT’s offices are based in Boca Raton, Florida. The two men indicted for the burglary were from Florida.
  • Thieves at the Connecticut facility parked the tractor-trailer at the only loading dock outside of view of the facility's surveillance cameras.
  • The burglars crossed entire length of the roof and entered by cutting a 2 foot by 2 foot hole above the master control room -- the same area highlighted in the 2010 report and the only area inside the facility not covered by surveillance equipment. Then, they disabled the security system.

All of this evidence is circumstantial, however, and still does not rule out that someone from Eli Lilly could have leaked the plans just as easily as someone from ADT. But National Union believes several other ADT-related burglaries show ADT had a leak for years. 

The complaint includes narratives of burglaries in Orlando, Grand Prairie, Texas and East Peoria, Illinois. In all of the burglaries, which go as far back as 2008, the facilities had been recently audited by ADT.

Amed or Amaury Villa, the men indicted for the Eli Lilly case, were connected to two of them. Amaury Villa’s lawyer says she had never heard of security plans being involved in the burglary until National Union filed its complaint.

National Union believes that ADT's efforts to centralize storage of sensitive confidential information to a facility in Florida contributed to the leak. The pattern: ADT does a vulnerability assessment, then not long after, a facility is burglarized by thieves with advanced knowledge of security systems. 

Feedback from National Union / Eli Lilly

A spokesperson for Eli Lilly referred all questions related to the case to National Union. A spokesperson for National Union said they do not talk about pending litigation, but he would see what additional information he could provide when asked what proof outside of the complaint National Union had of ADT’s negligence.  

National Union says the Eli Lilly heist was foreseeable and ADT is negligent for failing to alert its clients of the burglaries involving bypassed alarm systems and failing to safeguard sensitive information. ADT “had a duty to act upon the knowledge that multiple burglaries of facilities in which it provided security services, had taken place utilizing confidential information about the details of the security systems in existence,” the complaint reads. 

Get Notified of Video Surveillance Breaking News
Get Notified of Video Surveillance Breaking News

How Are Companies Securing Sensitive Client Information?

A Tyco Integrated Systems representative told us at ISC West that they could not speak specifically on the Eli Lilly case, but that it was unusual for these kinds of reviews to contain detailed information like blind spots and vulnerabilities. They usually contain a list of recommended equipment and only sometimes list existing equipment. 

When sensitive reports are produced, they are stored on a secure network accessible to only Tyco employees and vulnerabilities are not commonly put on paper. For security reasons they are discussed in person or on the phone, they said. 

“We see a lot of inside jobs from companies,” one Tyco representative said. “They should take a look at their loss prevention people and that turnover.”

UPDATE: Case Dismissed

On April 16th, National Union voluntarily dismissed its case against Tyco and ADT, according to court documents released yesterday. This comes two weeks after Tyco filed a motion to dismiss. In its motion, Tyco says Eli Lilly’s contract with National Union blocks it from suing on Eli Lilly’s behalf. Additionally, the motion says the suit was brought after Connecticut’s statute of limitations expired.

A lawyer for National Union confirmed this afternoon that the case was dismissed, but to “keep an eye on the Florida docket.”

UPDATE: Refiled

The case has now been filed in Florida. In this new suit, National Union directly says Amaury and Amed Villa had access to ADT's records. Maria Elena Perez, the Villa's lawyer, said she still does not know what evidence, if any, National Union has connecting them to leaked security plans. Until the suits, she said, she had never heard of her clients having Eli Lilly security plans as part of the burglaries. 

“Civil complaints aren’t evidence. There are things people say in civil complaints that aren’t always true,” said Villa’s lawyer. Perez said National Union is also suing her client.

Comments (1) : PRO Members only. Login. or Join.

Related Reports

Cisco Settles False Claims Act Suit For Video Surveillance Vulnerabilities on Aug 01, 2019
Cisco entered the video surveillance market in 2007 and suffered for many years through a variety of its own errors and arrogance. The conclusion...
RaySharp Revealed - Major China OEM For Western Consumer Video Surveillance on Jul 02, 2019
RaySharp is mostly unknown, even among people in the video surveillance industry, though it is a major supplier of OEM surveillance equipment such...
The Scheme Hikvision and China Importers Use To Avoid Tariffs on Jun 17, 2019
Hikvision and numerous China importers are avoiding 25% tariffs by including an SD card slot in their IP cameras to claim they are 'digital still...
Nortek and SDS Fight Over Failed Settlement on Jun 05, 2019
Distributor SDS said they reached a deal with Nortek but Nortek says no settlement was reached and the suit is still on. In this post, based on...
NJ Law Requires Apprenticeship For Public Works Integrators on May 24, 2019
Few integrators do a formal apprenticeship program. However, now a NJ law is requiring any integrator on public works projects (such as state...
ADT's Top Dealer "The Defenders" Sued 20+ Times on May 07, 2019
ADT's largest authorized dealer, The Defenders, has been sued more than 20 times since 2012, IPVM has verified through analyzing legal...
Dahua and Hikvision Products Illegally Sold To US Government GSA on May 06, 2019
Dahua and Hikvision products are being widely and illegally sold to the US government GSA. The sellers are falsely claiming these China products to...
UK Camera Commissioner Calls for Regulating Facial Recognition on Apr 15, 2019
IPVM interviewed Tony Porter, the UK’s surveillance camera commissioner after he recently called for regulations on facial recognition in the...
US City Sued For Hiding Surveillance Camera Map on Mar 08, 2019
UPDATE: The judgment is now in and updated information is at the bottom of the post. Should maps of public surveillance camera locations be kept...
Huawei Sues US Government Over NDAA Ban on Mar 07, 2019
Chinese telecom giant Huawei is suing the US government over the NDAA ban, arguing that key provisions in it are unconstitutional.  NDAA Section...

Most Recent Industry Reports

TMA Apologizes to Amazon / Ring on Aug 23, 2019
Not only is Amazon / Ring making major incursions into the residential security market, the organization representing the biggest incumbents, The...
China Dahua Replaces Their Software With US Pepper on Aug 22, 2019
What does a US government banned company do to improve its security positioning in the US? Well, Dahua is unveiling a novel solution, partnering...
Security Integrators Outlook On Remaining Integrators In 2025 on Aug 22, 2019
The industry has changed substantially in the last decade, with the rise of IP cameras and the race to the bottom. Indeed, more changes may be...
First GDPR Facial Recognition Fine For Sweden School on Aug 22, 2019
A school in Sweden has been fined $20,000 for using facial recognition to keep attendance in what is Sweden's first GDPR fine. Notably, the fine is...
Anyvision Facial Recognition Tested on Aug 21, 2019
Anyvision is aiming for $1 billion in revenue by 2022, backed by $74 million in funding. But does their performance live up to the hype they have...
JCI Sues Wyze on Aug 21, 2019
The mega manufacturer / integrator JCI has sued the fast-growing $20 camera Seattle startup Wyze. Inside this note: Share the court...
Dahua 4K Camera Shootout on Aug 20, 2019
Dahua's new Pro Series 4K N85CL5Z claims to "deliver superior images in all lighting and environmental conditions", but how does this compare to...
ZK Teco Atlas Access Control Tested on Aug 20, 2019
Who needs access specialists? China-based ZKTeco claims its newest access panel 'makes it very easy for anyone to learn and install access control...
Uniview Beats Intel In Trademark Lawsuit on Aug 19, 2019
Uniview has won a long-running trademark lawsuit brought by Intel, with Beijing's highest court reversing an earlier Intel win, centered on...
Suprema Biometric Mass Leak Examined on Aug 19, 2019
While Suprema is rarely discussed even within the physical security market, the South Korean biometrics manufacturer made global news this past...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact