Nimesh Patel, a former IT worker at Worcester, Mass.-based Allegro MicroSystems, has been accused of putting a malicious computer programming code in the company network.
The Indian American tech specialist, of Shrewsbury, Mass., worked at Allegro from Aug. 26, 2002 through Jan. 8, 2016 in the company’s IT department.
He is charged with violating the Computer Fraud and Abuse Act, trespassing and conversion, according to a lawsuit filed in August 2016.
Attorneys of Allegro and Patel had a status conference with Judge Timothy S. Hillman April 7 and have scheduled another meeting at the U.S. District Court for Sept. 14, according to a Telegram and Gazette news report.
Patel, who had systems administrator privileges on Allegro’s network, had access to a computer file containing company password files, according to court documents, the report said.
Patel, considered an expert in Oracle programming, which Allegro relies on for many aspects of its business, supported and developed code updates to improve the company’s Oracle finance module, the suit said.
At the time of his resignation in January last year, he returned one of his two company laptops, the court documents said, according to the Worcester, Mass.-based publication.
When Allegro learned that Patel hadn’t returned his second business laptop, it had requested for it to be returned, since it was capable of accessing Allegro IT systems if the user had an active password, the report said.
However, Patel returned an old laptop after having wiped clean the operating system installed on the laptop when he received it, court documents say.
Then on Jan. 31, 2016, Patel allegedly trespassed onto the grounds of Allegro to come within the wireless network’s range at which time he used the secondary notebook from Allegro, allegedly used the password for another employee of Allegro, and gained access to the company’s network, the Telegram and Gazette report said.
He then allegedly used a system administrator logon and password to upload and insert the malicious Oracle programming code to Allegro’s finance module, it said.
The code was designed to copy certain headers or pointers to data into a separate database table and then purge those headers from the finance module, thereby rendering the data in the module worthless, it said.
Additionally, the IT worker created a “time bomb” feature that would activate the code on the first week of the fiscal year in 2016.
Allegro’s IT department received notice from the company’s finance department of inconsistencies in the Oracle environment on April 14 last year, the report said.
A week and a half later, the company found the malicious code while performing a comparison with a prior version of the code as part of its effort to investigate the discrepancies.
An investigation led to the discovery of Patel making several unauthorized sign-ins after his resignation, according to the report.
Patel’s code cost the company more than $100,000, according to the report.