A former IBM cybersecurity executive has accused the company and AT&T of concealing multiple cyber intrusions by foreign hackers from the US government. In a recently unsealed whistleblower lawsuit, the executive also said that the data remained hidden while the companies continued to secure and maintain federal contracts.
Details of the Allegations
William Barlow, IBM's former vice president of threat intelligence, alleges that the two companies failed to disclose repeated breaches affecting systems used by various US government agencies, including the military. The lawsuit claims IBM and AT&T provided assurances about the security of their networks despite being aware of significant cybersecurity incidents.
According to a report by Fortune, the complaint was filed under seal in 2020 under the False Claims Act and remained confidential until this week, after the US Department of Justice declined to intervene in the case. The lawsuit is still pending in federal court in New York while IBM has rejected the allegations.
Responses from Companies
“This complaint was filed six years ago, and the US Department of Justice declined to intervene. IBM is confident that our actions followed the letter of the law,” IBM spokesperson Adam Pratt said. Meanwhile, AT&T did not respond to requests for comment.
What Former IBM VP Said About the Companies Hiding Alleged Breaches Linked to Foreign Hackers
Barlow, who worked at IBM from 2017 to 2019, claims he personally witnessed numerous breaches affecting IBM's core network. The lawsuit alleges he was pressured by executives to soften internal reports and omit key details about cyber incidents. He also claims senior management “actively took steps to cover up and conceal” hacks from regulators and government clients.
“The data breaches are so large and the core networks so poorly designed that neither IBM nor AT&T knows exactly what data was breached, who breached the data, where the data was breached or whether any data was exfiltrated, altered and/or modified in any respect,” the lawsuit alleges.
Links to Chinese Hackers
Some of the alleged attacks were linked to Chinese government-backed hackers, according to the complaint. Barlow claims that APT10, a hacking group previously accused by US authorities of targeting government and commercial organizations, infiltrated IBM's systems. The lawsuit alleges that intelligence agencies informed IBM that internet addresses associated with its network were communicating with infrastructure used by APT10. An internal investigation reportedly identified more than 50,000 “potential APT 10 hits” between 2013 and 2016. Another probe allegedly found attackers had accessed nearly 400 compromised accounts and almost 200 systems and servers across 18 countries.
NSA Questions Dodged
Barlow also alleges that officials from the National Security Agency questioned him about suspected Chinese intrusions, but he was instructed to “dodge” those questions. The complaint does not identify who allegedly gave that instruction. IBM has denied the allegations.
Legal Proceedings
AT&T also did not respond to requests for comment. Barlow's attorney, Jason T. Brown, said the allegations involve billions of dollars in federal business between IBM and AT&T. “We’re looking forward to aggressively litigating the matter. You can’t sell cybersecurity to the federal government while allegedly having these security problem within your own company,” Brown said. The lawsuit was unsealed after a federal judge ordered it made public following the Justice Department's decision not to intervene. The reasons behind that decision have not been disclosed, and the case remains ongoing.
