Connect with us

News

Apple says former employee exploited ‘rare’ bug to download confidential files after leaving for OpenAI

info

Published

on

Apple ghost logo.jpg

On Friday, Apple dropped the bombshell news it was suing OpenAI over the alleged theft of trade secrets, claiming that OpenAI stole Apple’s confidential data and engaged in efforts to learn proprietary information while recruiting former Apple employees.

In accusing OpenAI of stealing secrets about Apple’s unreleased products, Apple revealed that a former employee allegedly siphoned reams of sensitive files from the company’s shared network folders, weeks after leaving Apple for a job at OpenAI.

In its complaint, Apple says the former employee, a system electrical engineer named  Chang Liu, allegedly “exploited a rare, previously unknown authentication bug” that allowed access to the company’s network. The bug is classified as a zero-day vulnerability, meaning that Apple had no time to fix it before it was allegedly exploited.

Apple has since fixed the bug and said it terminated the employee’s access once it learned of this “security breach.” In its complaint, Apple said the bug could have allowed a “few other” people to access data on its network, but alleged that only Liu exploited the bug to steal Apple’s confidential information while no longer an employee, citing a check of its server logs. 

The disclosure, while light in detail, highlights the challenges that organizations face with protecting sensitive corporate data after employees no longer work there. Companies often move to immediately cut off departing staff from further access to protect any sensitive information from leaving, including inadvertently. Companies that fail to fully decommission their employees’ accounts can face future security lapses, data breaches, or malicious actions by disgruntled staff.

Apple spokespeople did not respond to an email from TechCrunch with questions about the security vulnerability, how it was exploited, and when the company decommissioned the employee’s credentials.

“LOL… so funny.”

In the complaint, Apple alleged that Liu took “dozens of Apple’s confidential hardware-related files” over the course of several weeks while as a new OpenAI employee. 

Apple said the files contained “detailed information about unreleased products, engineering presentations, technical specifications, and proprietary project data.” 

The company claims Liu failed to return the Apple-issued work laptop he had previously used to access Apple’s network, suggesting it was once able to send and receive files from Apple’s internal systems. The complaint said that Liu allegedly claimed to have “another computer.” While he was at OpenAI, Liu also allegedly misused the access of an acquaintance, Yu-Ting Peng, a then-Apple employee who later went to work for OpenAI. Liu allegedly used Peng’s Apple-issued work laptop “while she was still employed at Apple and he was not.”

Apple said that during February 2026, Liu “tried to access Apple’s network storage — a cloud-based file repository containing Apple’s confidential engineering files, project documentation, and other proprietary information.”

Liu had allegedly discovered that he “still could access Apple’s network repository after leaving Apple, the result of a then-unknown authentication vulnerability.”

Apple did not describe the authentication “bug” that Liu allegedly used to access Apple’s network. However, authentication bugs generally refer to flaws in the login process that allow improper access to systems or data, either because of a weakness in how the login mechanism works or due to a misconfiguration, such as overbroad permissions or not decommissioning the login credentials of a former employee. 

Apple wrote in its complaint that when Liu learned he had unauthorized access to Apple’s systems, he did not report the bug to Apple under his employment agreement obligations, nor did he return his Apple-issued work laptop. 

The complaint added that Liu also failed to “delete the program that allowed the access” to Apple’s network. The company did not say what program or app that Liu allegedly used to access Apple’s systems. It’s not uncommon for employees to have tools, such as a work-approved VPN or remote-viewing app, that allow them to access sensitive data from outside of the company’s offices using their credentials.

Given that Liu was previously granted credentials to Apple’s network as an employee, TechCrunch asked Apple when the company decommissioned Liu’s access, but we did not hear back.

Once Liu allegedly gained access to the network share, he wrote to Peng: “LOL, I found out I can access the [network storage], so funny.”

Apple filed its suit in the U.S. District Court for the Northern District of California in San Jose, and has demanded a jury trial. OpenAI previously said it has “no interest in other companies’ trade secrets.”

The case, if it proceeds, could begin this year.

When you purchase through links in our articles, we may earn a small commission. This doesn’t affect our editorial independence.

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

News

Osun at crossroads, Adeleke, Oyebamiji others will sign peace accord – ODA

info

Published

on

By

Ademola Adeleke Bola Oyebamiji .jpg

Indigenes of Osun State in the diaspora, under the auspices of the Osun Development Association (ODA), have declared that the governorship candidates of political parties contesting in the forthcoming election in the state will sign a peace accord ahead of the poll.

ODA noted that this is necessary in view of the prevailing situation in the state and to prevent a breakdown of law and order.

The group explained that the current governor and Accord candidate, Senator Ademola Adeleke; the All Progressives Congress (APC) candidate, Mr Bola Oyebamiji; the Action Alliance candidate, Olanrewaju Farinloye; the African Democratic Congress (ADC) candidate, Najeem Salaam; the African Action Congress (AAC) candidate, Esan Olajide; and other candidates will sign the peace pact.

Chairman of ODA’s Leadership and Governance Committee, Dr Tunji Olugbodi, made the declaration in a statement heralding the planned summit where candidates of the political parties will sign the peace accord to prevent violence before, during and after the election.

Olugbodi, in the statement made available to DAILY POST on Monday evening, explained that the state is currently at a critical democratic crossroads.

He said the summit, with the theme, “Speak, Choose, Hold Accountable: Citizens at the Centre of Osun’s Democracy,” is billed to take place in Osogbo because it is necessary to commit all the major stakeholders to a peaceful electoral process.

Olugbodi added that the group believes the state can set a national benchmark for peaceful, credible elections.

The summit is expected to bring all stakeholders in the electoral process under one roof to chart a way forward in order to prevent any uncertainty before, during and after the election.

Olugbodi said, “Osun State is at a critical democratic crossroads. The Osun Development Association (ODA) has finalised arrangements to host the Osun 2026 Democratic Governance, Peace and Electoral Integrity Summit, a high-level civic intervention designed to steer the state’s political discourse toward issue-based campaigning and away from rising tension ahead of the August governorship election.”

ODA Chairman, Dr Segun Aina, in his contribution, noted that the collective participation of all stakeholders is necessary for the forthcoming election.

Continue Reading

Health

Nigeria launches food procurement guidelines to tackle unhealthy diets, improve nutrition

info

Published

on

By

WhatsApp Image 2026 07 13 at 19.24.17.jpeg

MTN ADVERT

The federal government has launched the National Guidelines for Public Procurement of Food and Related Services.

The framework introduces nutrition standards for food purchased with public funds as part of efforts to reduce unhealthy diets and curb the growing burden of non-communicable diseases in Nigeria.

The guidelines, unveiled on Monday in Abuja at an event themed “Public Procurement of Food: Promoting a Culture of National Wellness Through the Food Value Chain,” are expected to influence food served in public institutions, including schools, hospitals, correctional centres and military establishments, by setting evidence-based standards on nutrition, food safety and quality.

Delivering his keynote address at the launch, the Minister of State for Health and Social Welfare, Iziaq Salako, said the initiative marks a shift from viewing public procurement as a routine administrative process to using it as a strategic tool to improve public health and national development.

“When the government demands healthier, safer and more nutritious food, it creates incentives for the entire food system to innovate, improve quality and align with higher public health standards,” he said.

PT WHATSAPP CHANNEL

Why it matters

Mr Salako said the government remains the country’s largest institutional purchaser of food, meaning procurement decisions have the potential to influence food production, consumer behaviour and nutrition standards across the food value chain.

According to him, the guidelines establish limits on sodium, sugar and unhealthy fats in foods procured by public institutions while encouraging balanced and nutritious diets.

He said the document complements existing national policies, including the National Guideline for Sodium Reduction, the Trans Fat Regulation and the 2023 National Policy on Food Safety and Quality.

Rising burden of unhealthy diets

Mr Salako noted that unhealthy diets contribute to about 7.2 million deaths globally every year, driven largely by excessive consumption of salt, sugar and unhealthy fats as well as inadequate intake of fruits, vegetables and whole grains.

He revealed that the average Nigerian adult consumes between 3.9 grammes and 4.9 grammes of sodium daily, almost double the World Health Organisation’s (WHO) recommended limit of 2 grammes.

Mr Salako added that increasing consumption of sugar-sweetened beverages has contributed to rising rates of obesity and diabetes, prompting the introduction of the sugar-sweetened beverage tax, while industrial trans fats have also been restricted under Nigeria’s Trans Fatty Acid Regulation.

“These measures are designed to control dietary patterns that fuel the growing burden of non-communicable diseases, placing enormous pressure on health systems, national economies and household incomes,” he said.

Child malnutrition remains a concern

Mr Salako also highlighted the country’s persistent nutrition challenges, noting that malnutrition remains a direct or underlying cause of nearly half of the deaths among children under five years.

He said the Nigeria Mini Demographic and Health Survey found that about four in every 10 Nigerian children under five are stunted, while nearly two million children suffer severe acute malnutrition annually.

READ ALSO: PT Health Watch: What expectant parents should know about Rhesus incompatibility

“These are not merely health statistics. They represent profound human capital challenges with significant implications for educational attainment, labour productivity, household prosperity, national competitiveness and sustainable economic growth.”

Implementation key

Mr Salako stressed that the success of the guidelines would depend on effective implementation rather than their launch.

He urged procurement and accounting officers across government institutions to ensure compliance, noting that procurement decisions influence health outcomes, productivity and public confidence in government.

He added that the Federal Ministry of Health and Social Welfare would continue to promote disease prevention through healthier public policies as part of efforts to achieve universal health coverage.


Continue Reading

Trending