Navigation



IBM Accused of Hacking

Last updated: July 21, 2010 | 7,512 views

Use Netsparker


This is actually a very important case depending on which way it goes.

It could become a landmark case in regards to liability for machines on your network, or actually any traffic originating from your IP range.

A boutique Washington, D.C.-based law firm is accusing IBM of hacking into its e-mail system and is seeking recourse.

The firm, Butera & Andrews, filed suit against IBM and is seeking unspecified damages and repayment of more than $61,000 that it paid to investigate the alleged break-in and repair its e-mail system, according to a copy of the suit, which was filed in April in U.S. District Court for the District of Columbia.

IBM of course wants to dismiss the case stating it’s not their liability.

IBM has since filed papers with the court seeking to dismiss the case, arguing that the law firm failed to state a legitimate claim. Butera & Andrews, meanwhile, have asked the court for limited discovery, allowing it to investigate the matter, which IBM opposes, according to recently filed court papers.

Butera & Andrews charge that an unnamed IBM employee at a Durham, N.C., hacked into its e-mail system. The individual allegedly broke into the system, gained full privileges and was able to download messages at will, according to the complaint.

The firm hired outside experts after it “became aware of facts which suggested that the e-mail server through which the firm operated had been compromised by unauthorized parties” in November 2005, according to the complaint.

It seems like an awful lot of attempts, but really can IBM be held liable? In a way I hope not as it could tide badly for everything if they are made responsible for the activity on all IP addresses registered to them.

The investigation turned up more than 42,000 attempts from over 80 different Internet protocol addresses owned by IBM to acces the Butera & Andrews e-mail system last year, the complaint said.

“Plaintiff cannot state a claim merely by alleging that certain events are ‘tied’ to IP addresses registered to IBM,” the Armonk, N.Y., IT giant said in a court filing on June 30. “Indeed, plaintiff’s argument would be akin to holding AOL liable for intentional misconduct any time an IP address registered to AOL.”

It’s an accurate comparison IMHO.

Source: News.com

Share
Tweet
+1
Share
Posted in: Legal Issues, Networking Hacking

, ,


Latest Posts:


SCADA Hacking - Industrial Systems Woefully Insecure SCADA Hacking – Industrial Systems Woefully Insecure
June 20, 2018 - Shares
airgeddon - Wireless Security Auditing Script airgeddon – Wireless Security Auditing Script
Airgeddon is a Bash powered multi-use Wireless Security Auditing Script for Linux systems with an extremely extensive feature list.
June 18, 2018 - Shares
Acunetix v12 - Pause & Resume Acunetix v12 – More Comprehensive More Accurate & 2x Faster
Acunetix, the pioneer in automated web application security software, has announced the release of Acunetix v12 - more comprehensive, accurate & 2x faster.
May 23, 2018 - 80 Shares
CloudFrunt - Identify Misconfigured CloudFront Domains CloudFrunt – Identify Misconfigured CloudFront Domains
CloudFrunt is a Python-based tool for identifying misconfigured CloudFront domains, it uses DNS and looks for CNAMEs which may be allowed to be associated with CloudFront distributions.
May 19, 2018 - 115 Shares
Airbash - Fully Automated WPA PSK Handshake Capture Script Airbash – Fully Automated WPA PSK Handshake Capture Script
Airbash is a POSIX-compliant, fully automated WPA PSK handshake capture script aimed at penetration testing, it is compatible with Bash and Android Shell.
May 10, 2018 - 157 Shares
XXEinjector - Automatic XXE Injection Tool For Exploitation XXEinjector – Automatic XXE Injection Tool For Exploitation
XXEinjector is an XXE Injection Tool that automates retrieving files using direct and out of band methods. Directory listing only works in Java applications.
May 5, 2018 - 306 Shares


Comments are closed.