Former IBM cyber exec alleges company covered up Chinese breaches
Original: Former cyber executive turned whistleblower accuses IBM of covering up several data breaches
Why This Matters
Highlights potential non-disclosure of major breaches at key government vendor
Former IBM VP William Barlow filed lawsuit claiming company was breached by Chinese APT 10 hackers 56,000+ times from 2013-2016 but covered up incidents. IBM allegedly failed to notify authorities despite being major government vendor.
William Barlow, IBM's former VP of threat intelligence until 2019, accused the company in a 2020 lawsuit of concealing multiple data breaches by foreign governments. The complaint alleges Chinese APT 10 hackers breached IBM's core network over 56,000 times between 2013-2016, with Five Eyes intelligence alliance warning IBM in March 2017. Barlow claims IBM's investigation found four compromised servers but the company failed to maintain access logs, hindering further investigation. IBM allegedly never disclosed the breaches to authorities despite being a major federal cybersecurity vendor. The lawsuit also mentions breaches at IBM subsidiaries. IBM spokesperson said the DOJ declined to intervene and the company followed legal requirements.