Former Ubiquiti employee Nickolas Sharp has pleaded guilty to stealing confidential data from the company and extorting the company for ransom.
Sharpe worked as a senior software engineer at Ubiquiti and was entrusted with secret company information.
- Ubiquiti is an N.Y.-based provider of wireless network hardware. Sharp managed the company’s cloud team from Aug. 2018 to April 2021, giving him access to Ubiquiti’s Amazon Web Services (AWS) and GitHub servers, which he would eventually exploit.
- According to a press release from the U.S. Department of Justice, In Dec. 2020, Sharp “repeatedly misused his administrative access to download gigabytes of confidential data from his employer, ”using a Surfshark VPN to hide his IP address. However, Sharp’s IP address later became visible due to a temporary internet outage at his residence.
- Later, around Jan. 2021, Sharp posed as an anonymous hacker and sent a ransom note demanding $1.9M to the company’s computer networks. The company refused to give in, and Sharp retaliated by “publishing a portion of the stolen files on a publicly accessible online platform.”
- Ubiquiti’s stock dropped 20%, resulting in a loss of over $4B in market capitalization following the incident.
- Sharp pled guilty to these crimes on Feb. 2 and faces a maximum sentence of 35 years in prison.
