Michael Leeper worked in Columbia Sportswear's IT Department for more than a decade. Now federal prosecutors are charging the former Director of Technical Infrastructure with computer fraud.
Prosecutors allege that when Leeper left the company in 2014, he continued to access the Columbia Sportswear network for more than two years and that he did so with the hopes of financial gain.
Leeper went to work for one of the sportswear maker's IT vendors, Denali Advanced Integration.
How is this possible that a former employee gains network access for so long?
According to a lawsuit Columbia Sportswear filed earlier this year against Leeper and his new employer, Leeper created a network account under a fake name during his final hours of employment.
The lawsuit alleges he set up the account under the the fictitious name of 'Jeff Manning' and that he then used the account to hack into the Columbia Sportswear network approximately 700 times.
The suit claims he allegedly went after IT employee emails, getting unauthorized access to IT equipment upgrade budgets, files showing Columbia’s prior IT spending and projected spending, communications between Columbia and Denali’s competitors, and event vendor contracts.
Denali terminated Leeper on March 14, 2017, saying this about the situation:
“In conducting our own investigation into claims made by Columbia Sportswear, we discovered that Mike violated Denali policy through his use of a personal laptop that he acquired while employed by Columbia, and that he had used for his work at Columbia,” said CEO Majdi Daher. “This violation spurred his termination.”
The SecureWorld news team is tracking developments of this insider threat case and will let you know what happens as the charges move forward in federal court.