Case Of Corporate Espionage Puts HP To Shame

from the HP-on-steroids dept

When the HP pretexting scandal hit last summer, people were rightly stunned by the tactics used by the company to discover a boardroom leaker. After all, the company even spied on reporters. Now, BusinessWeek has a fascinating article on a case of corporate espionage that, frankly, makes the HP situation look like child's play. In 2005, a Russian conglomerate wanted to get some information on an investment fund in Bermuda. Through a series of deals, a firm called Diligence was hired to infiltrate the fund's auditor, KPMG. How they infiltrated the company was something straight out of a spy novel. First, they developed a profile of an employee at KPMG that would be likely to leak information. So, for example, a male in his mid-20s that liked to take risks and needed cash would serve as a likely leaker. For a woman, they were looking for "...a young female who is insecure, overweight, bitchy, not honest. Someone who spends money on her looks, clothes, gadgets. Has no boyfriend, and only superficial friends. Has a strong relationship with her mother." After Diligence settled on its inside man, it had one of its agents meet up with him, pretending to be from the British government, and claiming to need secret information on a matter of British national security. After a period when the two got to know each other, the proverbial canary started to sing. Soon the KPMG employee was handing over documents related to the Bermudan investment fund. For this he was awarded a Rolex watch, which he believed was a thank you gift from the British government. Eventually, the infiltration, dubbed Project Yucca, came to a halt once KPMG was anonymously given documents about the events. Naturally, KPMG sued Diligence and won $1.7 million in a settlement. Another suit, brought by the Bermudan fund, is still ongoing. Diligence insists that it acts within the parameters of the law where it operates, but the company obviously didn't think much of its chances at an actual trial, hence the settlement. The fact that companies engage in various shady activities to gain information on their competitors is not particularly surprising. But the fact that these operations so closely resemble spy stories -- complete with the profiles of a likely leaker -- is really quite incredible.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    dorpus, 16 Feb 2007 @ 7:15pm

    Post-Valentine Blues

    Isn't now the best time of the year to approach women who didn't get the boxes with red wrappers?

    At this time of year, Japanese women are spending $3,000-$5,000 on doll sets for Girl's Day on March 3rd. Adult women, presumably from the red-wrapper-deficient crowd, are buying the children's dolls for themselves.

    http://www.sanspo.com/gourmet/club/070209.html

    reply to this | link to this | view in chronology ]

  • identicon
    C.G., 16 Feb 2007 @ 8:29pm

    It gives Russia and spying a bad name

    Oh wait...

    reply to this | link to this | view in chronology ]

  • identicon
    security, 16 Feb 2007 @ 9:53pm

    How would they Get That Much Personal Info on any

    The male profile seems pretty generic, but...
    HOW could anyone get this much personal information on any female employee
    a male in his mid-20s that liked to take risks and needed cash would serve as a likely leaker. For a woman, they were looking for "...a young female who is insecure, overweight, bitchy, not honest. Someone who spends money on her looks, clothes, gadgets. Has no boyfriend, and only superficial friends. Has a strong relationship with her mother

    reply to this | link to this | view in chronology ]

    • identicon
      haywood, 17 Feb 2007 @ 5:28am

      Re: How would they Get That Much Personal Info on

      "HOW could anyone get this much personal information on any female employee"

      I could pick one like that out from a crowd. The mother and honesty parts would have to be an assumption, but the rest could be observed from a distance.

      reply to this | link to this | view in chronology ]

    • identicon
      TicoRey, 18 Feb 2007 @ 11:27am

      Re: How would they Get That Much Personal Info on

      These are almost all obvious to the naked eye, a coupla' minutes chatting her up will get the rest of the profile. Pretend interest in her.

      pat. pend.

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 19 Feb 2007 @ 6:51am

      Re: How would they Get That Much Personal Info on

      How could they get that much info - Answer - BLOGs or MySpace.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 16 Feb 2007 @ 11:38pm

    ///\___ (@ @) +----oOO----(_)-----------+ | 1337 | | h4xors | | | +-------------------oOO----+ |__|__| || || ooO Ooo

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 16 Feb 2007 @ 11:39pm

    It was supposed to be a guy holding a sing that says "1337 h4xors".
    How was I supposed to know that the "" tag doesn't work here...

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 16 Feb 2007 @ 11:52pm

    Never heard of the preview button, moron?

    reply to this | link to this | view in chronology ]

  • identicon
    I Know People At KPMG, 17 Feb 2007 @ 7:44am

    Casting a wide net eh?

    young female who is insecure, overweight, bitchy, not honest. Someone who spends money on her looks, clothes, gadgets. Has no boyfriend, and only superficial friends


    Uhm, that describes upwards of 85% of the women working at KPMG. And most of the men as well.

    reply to this | link to this | view in chronology ]

  • identicon
    Jerk Bosses, 17 Feb 2007 @ 3:26pm

    New news ? Hardly so ?

    This in new news ?
    Welcome to life.

    reply to this | link to this | view in chronology ]

  • identicon
    Brad Eleven, 18 Feb 2007 @ 3:21pm

    tip of the iceberg

    HP and Diligence are simply the ones who got caught. If anyone believes for a second that the corporation that employs him/her is any different, hey, dream on and enjoy it. Corporations are all about control and survival. They do whatever they think they can get away with, with no regard for the law. Either they think they'll get away with it, or the fines are considered along with legitimate costs of doing business.

    Corporations were dreamed up to avoid responsibility. You and I and Bill and Fred pour our personal assets into it, but if it fails, gets sued, etc., we get to keep "our" money and try again. Now look at what it has become. Corporations rule these United States, and probably the world.

    Why is it that corporations aren't held responsible for their actions--like the citizens whose rights they claim? It is my opinion that corporations caught breaking the law should have to pay the same price as citizens. They lose rights. They don't get to lobby any more. They don't get to hide anything.

    I don't see it happening anytime soon, if ever. Our elected leaders are addicted to corporate money, at least for now.

    reply to this | link to this | view in chronology ]

  • identicon
    Lou, 18 Feb 2007 @ 7:53pm

    When the government does it, it's "intelligence". If journalists do it, they get awards. When corporations do it, it's shameful, shameful. Where is the line drawn for soliciting information on the sly? Is it the purpose for which info is used, that makes espionage bad? Is it the espionage, the deceipt, or the fact that a third party was contracted to do this, or just the fact that the profiling was done so explicitly, that's riling us? Are we less affected if similar tactics were used to say, uncover a network of terrorists or child pornographers?

    I'm curious to figure out which aspect of the scandal we're reacting to most violently.

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Make this the First Word or Last Word. No thanks. (get credits or sign in to see balance)    
  • Remember name/email/url (set a cookie)

Close

Add A Reply

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Make this the First Word or Last Word. No thanks. (get credits or sign in to see balance)    
  • Remember name/email/url (set a cookie)

Follow Techdirt
Special Affiliate Offer

Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.