A former software engineer at Ubiquiti Networks, plead guilty They stole gigabytes of data from the company, tried to extort millions of dollars, and tarnished the company’s reputation in the media.
Nicholas Sharp, a 37-year-old from Portland, Oregon who worked in Ubiquiti’s cloud division, exploited privileged access to the company’s AWS servers and GitHub repositories to download gigabytes of confidential information.
Believing he used a SurfShark VPN account to hide his home IP address and steal data in the middle of the night, the temporary outage logged his real IP address.
as we previously reportedSharp then posed as an anonymous hacker and demanded $2 million for the safe return of the data and details of the vulnerabilities he allegedly exploited.
When Ubiquiti refused to pay the ransom, Sharp released some of the stolen files online.
Sharp’s home was raided by the FBI, and he told authorities that someone must have used his PayPal account to purchase a SurfShark VPN account.
Days after being questioned by the FBI, Sharp made the unusual decision to reach out to a tech journalist posing as an internal whistleblower. As a result, media reports about Ubiquiti’s security issues caused the company’s stock price to drop by 20%, pushing its market capitalization above his US$4 billion.
Sharp has now pleaded guilty to charges of wire fraud, false statements to the FBI, and willful harm by sending programs to protected computers. He faces up to 35 years in prison in total, with his sentence due on May 10, 2023.