A software programmer charged with copying secret financial-trading code from Goldman Sachs computers is out on $750,000 bail.
Sergey Aleynikov, 39, a naturalized U.S. citizen who emigrated from Russia, had resigned from his $400,000-a-year Goldman Sachs job on June 5 to take a new job in Chicago. Before going, however, he uploaded code from his workstation to a server in Germany and then downloaded it to his computers at home, according to an FBI complaint filed over the weekend in a federal court in Manhattan.
The copied code was “capable of quickly obtaining and processing information regarding rapid [market] developments…and allows [Goldman Sachs] to employ additional programs that use sophisticated mathematical formulas to place automated trades in the markets based, among other things, on the latest market conditions,” according to the complaint.
Goldman claimed that the code gave it a competitive advantage over other firms and enabled it to make many millions of dollars per year, according to the complaint. And if competing firms were to use its features, Goldman's ability to generate revenue from its speed and efficiency would be “significantly diminished.”
A source familiar with the situation, who asked not to be identified because of its confidential nature, told SCMagazineUS.com on Tuesday that the company detected the data theft through monitoring of its email systems and then contacted authorities.
“There has been no harm done to any Goldman Sachs businesses or any Goldman Sachs clients,” the source said.
Aleynikov claimed that he only intended to copy open source files that he had worked on, and only later realized that he had copied more files than he wanted, according to the complaint. He said he did not distribute any of the proprietary software and that he had abided by an agreement he entered into with his new employer that he was not to use any unlicensed software.
Of course, it would have been more useful to Goldman Sachs if some mechanism were in place to actually prevent the software from being sent out from their networks, security experts said.
“The controls were in place to detect it, but they should have had controls to prevent it as well,” Avivah Litan, vice president and distinguished analyst at Gartner, told SCMagazineUS.com on Tuesday. “The [data leakage prevention] technologies available typically can see things that are leaving the company, but data must be defined properly. Goldman did that, but they should have been able to stop the code from leaving the company.”