This is actually a very important case depending on which way it goes.
It could become a landmark case in regards to liability for machines on your network, or actually any traffic originating from your IP range.
A boutique Washington, D.C.-based law firm is accusing IBM of hacking into its e-mail system and is seeking recourse.
The firm, Butera & Andrews, filed suit against IBM and is seeking unspecified damages and repayment of more than $61,000 that it paid to investigate the alleged break-in and repair its e-mail system, according to a copy of the suit, which was filed in April in U.S. District Court for the District of Columbia.
IBM of course wants to dismiss the case stating it’s not their liability.
IBM has since filed papers with the court seeking to dismiss the case, arguing that the law firm failed to state a legitimate claim. Butera & Andrews, meanwhile, have asked the court for limited discovery, allowing it to investigate the matter, which IBM opposes, according to recently filed court papers.
Butera & Andrews charge that an unnamed IBM employee at a Durham, N.C., hacked into its e-mail system. The individual allegedly broke into the system, gained full privileges and was able to download messages at will, according to the complaint.
The firm hired outside experts after it “became aware of facts which suggested that the e-mail server through which the firm operated had been compromised by unauthorized parties” in November 2005, according to the complaint.
It seems like an awful lot of attempts, but really can IBM be held liable? In a way I hope not as it could tide badly for everything if they are made responsible for the activity on all IP addresses registered to them.
The investigation turned up more than 42,000 attempts from over 80 different Internet protocol addresses owned by IBM to acces the Butera & Andrews e-mail system last year, the complaint said.
“Plaintiff cannot state a claim merely by alleging that certain events are ‘tied’ to IP addresses registered to IBM,” the Armonk, N.Y., IT giant said in a court filing on June 30. “Indeed, plaintiff’s argument would be akin to holding AOL liable for intentional misconduct any time an IP address registered to AOL.”
It’s an accurate comparison IMHO.