Money

Former Ubiquiti employee charged with stealing data, extorting employer

The defendant posed as a whistleblower to leak misleading stories about the breach to the press.

December 2, 2021

(Getty Images)

The FBI arrested a former employee of a U.S. technology company for allegedly breaching and stealing confidential data from his employer and then extorting the company for nearly $2 million.

The defendant, Nickolas Sharp, after allegedly stealing sensitive information posed as a whistleblower to plant misleading news about the company’s breach, according to an indictment released Wednesday. The articles caused the company’s share price to drop, causing it to lose market value, according to the Justice Department.

The indictment does not mention the company where Sharp worked, though the timeline and details of the incident match up with a breach of router company Ubiquiti discovered in January. An anonymous whistleblower accused the company of covering up the incident in March, matching with the FBI’s account of Sharp’s actions. Sharp’s LinkedIn confirms he worked at Ubiquiti at the time.

The company did not immediately respond to a request for comment Thursday.

In a prior statement, the $1.8 billion hardware firm said the intruder did not access customer data.

“At this point, we have well-developed evidence that the perpetrator is an individual with intricate knowledge of our cloud infrastructure,” the company said.

Around December 2020, Sharp, a senior developer at the company, allegedly misused his access to company systems to download confidential data from his employer. In January, he sent an anonymous ransom request to the company demanding roughly $1.9 million worth of bitcoin in exchange for returning the data and fixing the alleged vulnerability used to access it.

The company denied the demand, only for some the data to be published online.

Shortly after the FBI questioned Sharp about the incident, he leaked misleading information about the company’s handling of the hack to the press, the charges say.

To hide his tracks, the defendant is accused of damaging the computers’ logging system and used a virtual private network to mask his internet protocol address. However, a brief power outage at Sharp’s house exposed his home IP unmasked without the VPN.

“We allege Mr. Sharp created a twisted plot to extort the company he worked for by using its technology and data against it,” said FBI Assistant Director Michael Driscoll. “Mr. Sharp may have believed he was smart enough to pull off his plan, but a simple technical glitch ended his dreams of striking it rich.”

Sharp, who was arrested in Oregon on Wednesday, is charged with four counts, including wire fraud, intentionally damaging a protected computer and lying to the FBI. He does not appear to have entered a plea.

If convicted, Sharp could face 37 years in prison.