We use cookies to give you the best online experience. By using our website you agree to our use of cookies in accordance with our cookie policy.

Are You Having A Technology Emergency?

SMG Business Solutions Ltd Blog

The Lessons to Learn from Coca-Cola’s Insider Trade Secret Theft

The Lessons to Learn from Coca-Cola’s Insider Trade Secret Theft

In today’s business, your data is your number one asset. For this reason it is important that you take steps to protect it. One case that accentuates this is the case of Xiaorong You, which is currently playing out in a Tennessee court. The accused is charged with stealing trade secrets and committing corporate espionage, as she is accused of allegedly stealing almost $120 million worth of BPA-free technologies from several companies, among them the Eastman Chemical Company and Coca-Cola.

Let’s take a look at how these two companies deployed their threat detection systems and the effect they had on the companies. 

You’s Story

Xiaorong “Shannon” You, a naturalized US citizen and Ph.D. in Polymer Science and Engineering, has worked at several companies since the early ‘90s. From December of 2012 to August of 2017, she worked for Coca-Cola as a principal engineer for global research, moving to the Eastman Chemical Company to work as a packaging application development manager from September of 2017 until June of 2018, when her employment was terminated.

During her tenure at both companies, You was given access to many trade secrets that only a handful of employees were privy to. In the indictment, You is charged with retaining these secrets (despite affirming that she hadn’t in writing) and then handing them over to the People’s Republic of China in an attempt to qualify for its The Thousand Talents program. This program has been used before to introduce advanced technologies to China, with the Department of Justice having prosecuted some cases similar to You’s.

Her modus operandi was that she retained this information by simply uploading data to her personal Google Drive account or captured especially sensitive information on her smartphone. Once she captured this data, You worked with a Chinese national named Xiangchen Liu to form a separate company in China that went ahead to use these trade secrets to begin revenue generation. They allegedly used an Italian BPA-free manufacturer to incorporate the stolen technologies onto their own products.

The theft of this information impacted several companies, including Coca-Cola and The Eastman Chemical Company, AkzoNobel, Dow Chemical, PPG, TSI, Sherwin Williams, and ToyoChem. This led to the charges she currently faces.

How You’s Employers Could Have Stopped Such Activities

There were stark differences between the way that Coca-Cola and The Eastman Chemical Company handled these issues. You left Coca-Cola in August of 2017, but her indictment states that the crimes she’s charged with didn’t happen until 2019. This means that Coca-Cola had no knowledge of the theft until after she had been exposed by her later employer. 

This fact is indicative of two reasonable hypotheses:

  1. Coca-Cola lacked the tools to detect such activities in real-time, making it far more difficult to prevent protected and sensitive data from successfully leaving the corporate environment.
  2. Coca-Cola also lacked the policies that could have prevented non-authorized devices from entering the workspace or otherwise being kept in proximity to sensitive company data or infrastructures. While old-fashioned, the concept of taking photographs of such information is no less effective for its age.

If you compare that to You’s sudden dismissal from the Eastman Chemical Company, you would have to consider that they had the data protection standards implemented to catch would-be thieves pretty rapidly.  If they hadn’t, the $120 million in trade secrets could have been substantially more. 

This just goes to show that any business can have the right idea about security, but not pay close enough attention to the details. Coca-Cola is a massive brand, but it couldn’t stop You from allegedly raking the company over the coals. 

If your business has information that you need to protect, whether it is covered by compliance regulations or not, the IT professionals at SMG Business Solutions Ltd can help you put in a platform that can keep your digital assets, intellectual property, and any other sensitive data secure. Give us a call today at 020 7898 3500 for more information.

Smart Technology Can Actually Help You to Streamli...
YouTube Can Help Take Your Business Where You Want...

By accepting you will be accessing a service provided by a third-party external to https://www.smg-business.com/

Contact Us

Learn more about what SMG Business Solutions Ltd can do for your business.

Call Us Today
Call us today
020 7898 3500

Office 1, Telfords Yard
The Highway, London E1W 2BQ

Latest Blog

Regardless of how airtight your organization’s password policies are, relying on passwords as your exclusive security measure just isn’t enough to resist some of today’s threats. This is why we—along with most other industry and security ex...

Copyright SMG Business Solutions Ltd. All Rights Reserved.

Please note all calls are recorded and all work is performed in accordance with our Terms of Business.