Facebook
Britain's News Portal
Around The Clock
BREAKING
Loading latest headlines…

Apple Sues OpenAI Over Alleged Trade Secret Theft by Former Employee

Apple has launched legal action against OpenAI, alleging a former employee exploited a 'rare' software bug to download confidential files after joining the AI firm. The lawsuit claims the individual accessed sensitive data about unreleased Apple products weeks after their departure.

  • Apple is suing OpenAI, accusing the company of trade secret theft and recruiting former Apple employees to learn proprietary information.
  • The lawsuit alleges former Apple system electrical engineer Chang Liu exploited a zero-day vulnerability to access and download confidential files.
  • Liu reportedly siphoned 'dozens of Apple's confidential hardware-related files' containing details on unreleased products and technical specifications.
  • Apple claims Liu failed to return his company-issued laptop and later misused the access of a then-current Apple employee.
  • The incident highlights the ongoing challenges organisations face in protecting sensitive data after employees leave.

Apple has initiated a lawsuit against OpenAI, alleging the artificial intelligence giant engaged in the theft of trade secrets and sought to acquire proprietary information by recruiting former Apple employees. The legal action centres on claims that a former Apple system electrical engineer, Chang Liu, exploited a previously unknown authentication flaw to access and download confidential company files weeks after he had departed Apple to join OpenAI.

According to Apple's complaint, Mr. Liu allegedly exploited a "rare, previously unknown authentication bug," classified as a zero-day vulnerability, to gain unauthorised access to Apple's network. This flaw reportedly allowed him to download "dozens of Apple's confidential hardware-related files." These files are said to have contained detailed information about unreleased products, engineering presentations, technical specifications, and proprietary project data. Apple has stated that it has since fixed the bug and terminated Mr. Liu's access once the security breach was discovered.

The lawsuit further claims that during February 2026, Mr. Liu attempted to access Apple's cloud-based file repository, which holds confidential engineering files and project documentation. Apple alleges that he discovered he could still access this network repository after leaving the company due to the then-unknown authentication vulnerability. The company also states that Mr. Liu failed to return his Apple-issued work laptop and later allegedly misused the access credentials of an acquaintance, Yu-Ting Peng, who was then an Apple employee and later also joined OpenAI.

This disclosure, while lacking extensive technical specifics regarding the bug itself, underscores the significant challenges businesses face in safeguarding sensitive corporate data once employees transition to new roles or companies. Organisations typically implement immediate measures to revoke access for departing staff to prevent any information from leaving, whether intentionally or inadvertently. Failures in fully decommissioning employee accounts can lead to future security vulnerabilities, data breaches, or malicious actions.

The incident highlights the critical importance of robust offboarding procedures and continuous security audits for all companies, particularly those operating in highly competitive and innovation-driven sectors. The legal proceedings are expected to delve deeper into the nature of the alleged exploitation and the measures Apple had in place to protect its intellectual property.

Why this matters: This case underscores the growing importance of cybersecurity and intellectual property protection for UK businesses, particularly those in the tech sector. It highlights the risks associated with employee departures and the need for stringent digital security protocols.

What this means for you: What this means for you: This incident serves as a reminder for UK consumers about the potential vulnerabilities even major tech companies face, which could ultimately impact the security of products and services they use. For UK businesses, it stresses the need to review and strengthen their own data protection and employee offboarding policies to prevent similar breaches.

Related Articles

Get the news that matters.

Join thousands of readers getting the best of British news straight to their inbox.