A security breach at New York-based networking device maker Ubiquiti, which first came to light in January 2021, was allegedly orchestrated by a former employee of the technology firm, according to the U.S. Department of Justice.
Nickolas Sharp, 36, was arrested on December 1 on charges of stealing gigabytes of confidential information from the company and using it to demand nearly $2 million in ransom.
According to the indictment, Sharp was working as a senior developer and had access to Ubiquiti’s Amazon Web Services (AWS) and GitHub servers. In December 2020, the defendant downloaded gigabytes of confidential data from his employer using Surfshark VPN service to mask his IP address.
In January, Sharp made an attempt to extort his employer for ransom posing as an anonymous hacker claiming to have obtained unauthorized access to the company’s network. The ransom note sent by Sharp demanded 50 Bitcoin (nearly $1.9 million at the time) in exchange for the return of the stolen data and the information on the purported vulnerability in Ubiquiti’s network.
After the company refused to pay the ransom, Sharp published a portion of stolen data on a publicly accessible online platform.
In March, Sharp, posing as an anonymous whistleblower, falsely told media outlets that the data had been stolen by an unidentified hacker, according to the DoJ. Following the publication of these articles, the company’s stock price fell approximately 20%, losing over $4 billion in market capitalization.
Sharp has been charged with transmitting a program to a protected computer that intentionally caused damage, transmission of an interstate threat, wire fraud, and making false statements to the FBI. Each of these carry a maximum prison sentence ranging between two and twenty years.