On Friday, Apple launched a legal battle against OpenAI over allegations of data theft. The tech giant claims that former employee Chang Liu exploited a zero-day vulnerability in the company’s network to download confidential files after leaving for OpenAI.
The complaint highlights the ongoing challenges companies face in protecting sensitive information once employees no longer work there, especially when zero-day vulnerabilities go undetected. Apple alleges that Liu took dozens of confidential hardware-related files over several weeks while working at OpenAI and continued to access the company’s network after leaving.
The case underscores the importance of robust decommissioning processes for former employees, as Apple had to terminate Liu’s access once the bug was discovered. The incident also raises questions about how such vulnerabilities are managed and communicated within organizations, particularly when they involve high-value data like unreleased product information and engineering specifications.
While Apple has fixed the bug and terminated Liu’s network access, the lawsuit may set a precedent for how companies handle such situations in the future. OpenAI has previously stated it has no interest in other companies’ trade secrets, but this case could have implications beyond just data protection.







