End User Sues ADT/Tyco For $42 Million

Author: Carlton Purvis, Published on May 06, 2013

It was the biggest drug heist in American history. Burglars drove an 18-wheeler up to the Eli Lilly distribution center in Enfield, Connecticut, disabled its security system, rappelled through the roof and made off with $75 million in pharmaceuticals. [UPDATE May 7, 2013 - case dismissed, then refiled with new claims against ADT / Tyco].

Last summer, the U.S. Attorney’s office indicted 11 people for selling drugs stolen from the facility, but the burglary case has centered around the Villa brothers, Amaury and Amed, who are now awaiting trial in Connecticut.

Eli Lilly’s insurance company, National Union Fire Insurance, is suing Tyco and ADT to recover money it paid out after the heist. National Union believes ADT’s failure to protect sensitive security information led to the heist and is asking for $42 million in damages. In this note, we review the complaint and situation.

Background

According to court filings, ADT has provided security equipment and monitoring for Eli Lilly’s Enfield locations since 1974. In August 2004, ADT reviewed the distribution center’s security system and provided Eli Lilly with a report that included an inventory of all its existing security equipment and suggestions for additional surveillance. Later than year, Eli Lilly signed a 5-year contract with ADT to implement the improvements noted in the report. The contract included annual inspections and reports.

In 2009, ADT again evaluated the Enfield facility, this time to “review of the adequacy of the services provided” under the 2004 contract.

** ******** ** *** **** ******, ***** *** *** ******* any **** ** ******** ** *** ******** ** ********* *** vulnerabilities, *** **** *** ******** ******** *********** ** ****** *********, their *********** *****, *** ***** ****** ***** ****. ** ******** blueprints ** *** ******** ****** **** *********** ** “***** ****** detector, ****, **** *****, ********, ******** **** *******, ***** ******, panic ******, **** ********, ***** ***** ******, *******, ******* ***** and ******,” ********* ** *** ********* **** ******** *****. *** ****** also ***** **** *** ****** ******* **** *** *** ******* by ******* ** ****** *********.

*** “******** * ******** *** ******** ****** ** *********’* ******** security ****** ******* * “************* ***** ** ***** ******** ************* and **** ******** ** **** ******,” *** ********* ****. **** **** a ***** ***** *** ****** *** ******* ******* **** *** with * *******-******* ***** ** ***************.

Too **** ************?National Union believes thieves had access to the report and here is why (see the **** *********):

***’* ******* *** ***** ** **** *****, *******. *** *** men ******** *** *** ******** **** **** *******.
******* ** *** *********** ******** ****** *** *******-******* ** *** only ******* **** ******* ** **** ** *** ********'* ************ cameras.
*** ******** ******* ****** ****** ** *** **** *** ******* by ******* * * **** ** * **** **** ***** the ****** ******* **** -- *** **** **** *********** ** the **** ****** *** *** **** **** ****** *** ******** not ******* ** ************ *********. ****, **** ******** *** ******** system.

*** ** **** ******** ** **************, *******, *** ***** **** not **** *** **** ******* **** *** ***** ***** **** leaked *** ***** **** ** ****** ** ******* **** ***. But ******** ***** ******** ******* ***** ***-******* ********** **** *** had * **** *** *****.

*** ********* ******** ********** ** ********** ** *******, ***** *******, Texas *** **** ******, ********. ** *** ** *** **********, which ** ** *** **** ** ****, *** ********** *** been ******** ******* ** ***.

**** ** ****** *****, *** *** ******** *** *** *** Lilly ****, **** ********* ** *** ** ****. ****** *****’* lawyer **** *** ******** ***** ** ******** ***** ***** ********** *** ******** ***** ******** ***** ***** *** *********.

******** ***** ******** **** ***'* ******* ** ********** ******* ** sensitive ************ *********** ** * ******** ** ******* *********** ** the ****. *** *******: *** **** * ************* **********, **** not **** *****, * ******** ** *********** ** ******* **** advanced ********* ** ******** *******.

Feedback **** ******** ***** / *** *****

* ************ *** *** ***** ******** *** ********* ******* ** the **** ** ******** *****. * ************ *** ******** ***** said **** ** *** **** ***** ******* **********, *** ** would *** **** ********** *********** ** ***** ******* **** ***** what ***** ******* ** *** ********* ******** ***** *** ** ADT’s **********.

******** ***** **** *** *** ***** ***** *** *********** *** ADT ** ********* *** ******* ** ***** *** ******* ** the ********** ********* ******** ***** ******* *** ******* ** ********* sensitive ***********. *** “*** * **** ** *** **** *** knowledge **** ******** ********** ** ********** ** ***** ** ******** security ********, *** ***** ***** ********* ************ *********** ***** *** details ** *** ******** ******* ** *********,” *** ********* *****.

How *** ********* ******** ********* ****** ***********?

* **** ********** ******* ************** **** ** ** *** **** that **** ***** *** ***** ************ ** *** *** ***** case, *** **** ** *** ******* *** ***** ***** ** reviews ** ******* ******** *********** **** ***** ***** *** ***************. They ******* ******* * **** ** *********** ********* *** **** sometimes **** ******** *********.

**** ********* ******* *** ********, **** *** ****** ** * secure ******* ********** ** **** **** ********* *** *************** *** not ******** *** ** *****. *** ******** ******* **** *** discussed ** ****** ** ** *** *****, **** ****.

“** *** * *** ** ****** **** **** *********,” *** Tyco ************** ****. “**** ****** **** * **** ** ***** loss ********** ****** ***************.”

UPDATE: **** *********

** ***** ****, ******** ***** *********** ********* *** **** ******* Tyco *** ***,********* ** ***** ********* ******** *********. **** ***** *** ***** ***** **** ****** ****** ** *******. ** *** ******, **** **** *** *****’* ******** **** National ***** ****** ** **** ***** ** *** *****’* ******. Additionally, *** ****** **** *** **** *** ******* ***** ***********’* statute ** *********** *******.

* ****** *** ******** ***** ********* **** ********* **** *** case *** *********, *** ** “**** ** *** ** *** Florida ******.”

******: *******

*** **** *** *** **** ***** ** *******. ****** *** ****, ******** ***** ******** **** ****** *** **** ***** *** access ** ***'* *******. ***** ***** *****, *** *****'* ******, **** *** still **** *** **** **** ********, ** ***, ******** ***** has ********** **** ** ****** ******** *****. ***** *** *****, she ****, *** *** ***** ***** ** *** ******* ****** Eli ***** ******** ***** ** **** ** *** **********.

“***** ********** ****’* ********. ***** *** ****** ****** *** ** civil ********** **** ****’* ****** ****,” **** *****’* ******. ***** said ******** ***** ** **** ***** *** ******.

Comments (1)

Brian Rhodes

IPVMU Certified | 04/17/13 02:07pm

Whether the modality of the crime fits with an unsecured security assessment, it does provide a good opportunity for everyone to assess how this information is kept.

In so many cases, 'conveinience' DOES NOT EQUAL 'secure'. Keeping these reports locked up behind firewalls and granting file access on explicit permissions seems to be especially prudent. Making a point to demonstrate the data security of this information to (potential) customers/management might put them more at ease.

Having copies of these docs floating around unsecured on laptops or cell phones invites nightmarish trouble!

Login to read this IPVM report.

Why do I need to log in?

IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports

Sublethal Camera Gun Examined on Dec 06, 2018

Sublethal is a South African company that manufactures a remotely-controlled, camera-enabled gun called the Boomslang, which is Afrikaans for tree...

UK ICO Denies IPVM GDPR Complaint Against IFSEC, Decides Each Exhibitor Responsible on Dec 06, 2018

The UK Information Commissioner's Office (ICO) has denied IPVM's complaint against IFSEC for misuse of facial recognition. Each Exhibitor...

ADT Wins Fire Death Suit But Faces Appeal on Dec 05, 2018

ADT/Protection 1 has won a wrongful death court case in which it was sued by the estate of a deceased customer. However, the attorney for the...

French Government Threatens School with $1.7M Fine For “Excessive Video Surveillance” on Nov 14, 2018

The French government has notified a high-profile Paris coding academy that it risks a fine of up to 1.5 million euros (about $1.7m) if it...

Former Manufacturer Axcess Sues Avigilon, Genetec, Others for Patent Infringement on Oct 24, 2018

Axcess International, Inc. has sued Avigilon, Genetec and ACTi, among others for patent infringement. Who are they and what are their complaints...

Mysterious Patent Troll 'Secure Cam' Targets Industry, Sues Hanwha, Hikvison, JCI, Panasonic, More on Oct 11, 2018

A company named "Secure Cam," who is actively hiding their ownership, has acquired a slew of video patents and is systematically suing video...

Default Passwords Outlawed in California, US To Follow on Oct 09, 2018

UPDATES A new California bill aimed at improving security for connected devices has been signed into law. The law takes aim especially at...

Ascent / MONI Faces Lender Lawsuit and Debt Crisis on Sep 13, 2018

ASCMA, aka Ascent, aka Brinks Home Security, aka MONI, aka Monitronics is being sued by a group of their lenders who allege: As of June 30,...

France Political Scandal Reveals Video Surveillance Problems on Aug 22, 2018

In what French media describes as "the most damaging crisis yet for" French President Macron, a political scandal has revealed major gaps in the...

SimpliSafe Violating California, Florida, and Texas Licensing Laws on Aug 14, 2018

IPVM has verified that DIY security system provider SimpliSafe, founded in 2006 and acquired in June of 2018 at a billion dollar valuation, is...

Most Recent Industry Reports

2019 Access Control Book Released on Dec 12, 2018

This is the best, most comprehensive access control book in the world, based on our unprecedented research and testing has been significantly...

Huawei Hisilicon Quietly Powering Tens of Millions of Western IoT Devices on Dec 12, 2018

Huawei Hisilicon chips are powering, at least, tens of millions of Western IoT devices, such as IP cameras and surveillance recorders, a fact that...

FLIR Launches Body Cameras Unified With VMS (TruWitness) on Dec 11, 2018

While FLIR is best known for their thermal cameras, now they have expanded into body cameras, launching TruWITNESS, a public safety focused body...

Startup Sunflower Labs' Autonomous Drone Security System on Dec 11, 2018

Startup Sunflower Labs is claiming a unique design on a home security system, combining autonomous drones and 'Sunflower' sensors. Imagine an...

The 2019 Video Surveillance Industry Guide on Dec 10, 2018

The 300 page, 2019 Video Surveillance Industry Guide, covers the key events and the future of the video surveillance market, is now available,...

Multi-Factor Access Control Authentication Guide on Dec 10, 2018

Can a stranger use your credentials? One of the oldest problems facing access control is making credentials as easy to use as keys, but restricting...

Top 2019 Trend - AI Video Analytics on Dec 10, 2018

160+ Integrators answered: What do you think the top industry trend will be in 2019? Why? AI / video analytics was the run-away winner with...

AV Tech Company Profile on Dec 07, 2018

Taiwanese manufacturer AV Tech's revenue declined ~70% since 2012. Planning a comeback, AV Tech spoke to IPVM about their opportunities and...

Ubiquiti $79 Flex IP Camera Tested on Dec 07, 2018

U.S. Manufacturer Ubiquiti has released a 1080p, integrated IR IP camera, selling it directly for $79, making this one of the least expensive IP...

Infinova's Xinjiang Business Examined on Dec 07, 2018

As pressure mounts for companies to stop doing business in China’s Xinjiang region amid a severe human rights crisis, IPVM has found Infinova sold...