Security giant Intel is pursuing legal action against a former software engineer, Jinfeng Luo, accused of downloading approximately 18,000 confidential files — including documents marked “Top Secret” — from company systems just prior to his departure and then disappearing.
Details of the Alleged Theft and Legal Response
Luo, who began employment with Intel in 2014 and was officially notified of his termination on July 7, 2024 — as part of the company’s large‑scale workforce reduction — is accused of initiating unauthorized data transfers from his work laptop. According to the lawsuit, his first attempt on July 23 was blocked by security controls. Three days later, however, he allegedly succeeded in transferring the volume of files to a personal network‑attached storage (NAS) device.
“The unauthorized file transfer immediately triggered an internal investigation.”
Intel asserts that the extricated files included materials labeled “Top Secret” and that the company has spent months trying to reach Luo via phone, email and postal correspondence — all without success. The firm is now seeking US$250,000 in damages as well as the return of the stolen data and an injunction preventing further disclosure.
Although this matter is framed as litigation, it echoes a larger pattern in which departing or terminated employees present an elevated insider‑threat vector — especially during mass layoff events like Intel’s. With nearly 35,000 jobs cut within the company during the last two years amid connective business pressures, the timing of Luo’s actions offers a cautionary warning.
Organisations must increasingly consider:
- Immediate revocation of access after termination notice;
- Robust monitoring of data transfers and external device usage;
- Clear off‑boarding protocols to prevent unmonitored “walk‑away” data exfiltration.
In the industrial and technology sectors where intellectual property constitutes a primary asset, failing to secure these controls can translate into direct financial loss, competitive disadvantage and reputational damage.
In totality, the case serves as a high‑visibility example of how even well‑resourced corporations are vulnerable to rapid, successful extraction of sensitive data by trusted insiders — especially during periods of organisational turbulence.
