Indiana resident James M. DiBlasio woke up to more than a hangover the morning after a three-day drinking binge. At some point during the 72 hours that he was drunk he managed to hack into the Denver-based server of his employer, Ski.com, and change various data such as flight reservations and contact information. According to a statement by DiBlasio’s attorney, H. Michael Steinberg, he woke up the morning after “wondering what he had done, and trying to fix the area he had damaged.”

DiBlasio was convicted of two felonies for hacking into his employer’s computers. He originally faced 10 charges, fines between $100,000 and $250,000 and up to three years in prison if convicted, however that was reduced following a plea agreement. Fortunately for Mr. DiBlasio, he only has to pay $13,096 in monthly installments of at least $250 as well as spend six months under house arrest followed by three years of probation.

Ski.com president Harry Peisach took a soft-hearted tone when asked about the event. The Aspen Times reports:

“We’re happy there’s a resolution … I’m sorry what happened to him but it was important for us to present this to law-enforcement authorities and this was the appropriate course for them to take.”

On top of wearing an electronic monitoring device, DiBlasio “will not be allowed to have a cordless telephone, an answering machine, or any other ‘special services’ related to telecommunications,” the judge ruled.

“Alpha has suffered and continues to suffer irreparable damage as a result of defendant’s misappropriation of Alpha’s confidential, proprietary and trade secret information.”

Vance hasn’t shown up to any of his eight scheduled court appearances, maybe because he was so busy acquiring jobs at rival companies. In 2005, according to the Herald Tribune, he worked for Florida-based Alpha Mining Systems, Alpha’s China-based competitor Guizhou Tire Co. and United Arab Emirates-based Al Dobowi Group. His job description? Hand over secret Alpha documents to its rival firms, including design blueprints, and advise rivals’ clients that they now can get Alpha designed tires directly from Guizhou.

There’s no word on whether Vance can afford to pay the $19.7 million fine or not (as the Herald Tribune puts it, he may not have the “wherewithal”). It’s also unclear how Vance got the idea to work for Alpha’s overseas rivals in the first place – whether he was disgruntled and reached out to them, or the other way around. Whatever the case, he’s been barred “from working in mining worldwide or contacting his current employers or any current or former customers of Alpha.”

There is one minor fault in the story worth noting: The Herald Tribune states, “Del-Nat Tire Corp. and American Tire Corp. were buying a combined average of $1.9 million per month from Alpha until April 2005, when they stopped buying anything.” American Tire Corporation fervently denies having ever heard of Alpha, yet alone conducting business with the company. So, for all of you conducting business with ATC, don’t worry they’re in the clear.

Over a 16-hour period in September, the company discovered 1,100 emails from a supposed employment agency containing files allegedly offering information on potential job candidates. The emails included personal details of the targeted executives, such as full names and position titles, in order to seem more reputable.

What MessageLabs discovered is that the files, most of which were in Microsoft Word format, included Trojan horses designed to steal corporate secrets.

Trojan horses, or Trojans, have been around for quite some time in the computing world. They become installed when a user unwittingly opens a program containing malicious code. The program then infects the computer, allowing hackers remote access. More recently, hackers have been able to develop Trojans that install themselves after a user opens an image or PDF file containing the rogue program.

In the past, similar attempts at data mining included “phishing” schemes, where scammers who posed as reputable sources sent out emails asking for personal information such as bank accounts or social security numbers.

The danger with the new methods, as experts point out, is hackers are becoming increasingly adept at making infected email attachments appear legitimate and increasing the chances that those files get opened by the recipient.

Commentary: Trojans can come from more than just emails, it’s also possible to acquire them through downloads, websites, peer to peer programs and, on rare occasions, physically being installed on a computer. Although they have been around for awhile (at least since the early 80′s), many people are still oblivious towards the harm they can cause.

The quick fix: keep business computing use for business purposes. Don’t put yourself at risk by viewing less than reputable websites or downloading unnecessary programs. And, most importantly, if you get an email attachment from a sender you don’t recognize: don’t open it!

The information was presented at an evidentiary hearing after Hawaiian Airlines sued Mesa Air Group for allegedly starting a low-fare Hawaiian airline, Go!, based on illegally obtained information. Hawaiian Airlines accused Mesa of obtaining the information from one of its employees that posed as a potential investor during Hawaiian’s bankruptcy.

Sidney Levinson, attorney for Hawaiian Airlines, raised an eyebrow at the claim. He called the news “a transparent effort to distract the court’s attention and undermine the credibility of one of Mesa’s most senior officers.”

“You have to wonder why Mesa thinks that smearing their own star witness with allegations of pornography benefits them,” he said.

Christopher Pappaioanou, Vice President for Legal Affairs at Mesa, defended Mesa’s allegations. Pappaioanou testified that he discovered Murnane looking at pornographic websites when he came into work one Saturday morning.

Hawaiian Airlines is hoping for an injunction against Mesa Airlines, prohibiting the company from selling tickets for a year, as well as monetary compensation.

A San Jose U.S. District Court grand jury indicted Lan Lee, 42, of Palo Alto and business partner Yuefei Ge, 34, of San Jose for allegedly developing microchips through their company, SICO Microsystems Inc., based on stolen designs. They are accused of reaching out to Chinese government agencies for funding, including a branch of the Chinese military.

Mountain View-based NetLogic Microsystems Inc. and the San Jose office of Taiwan Semiconductor Manufacturing Co. are two of the companies from which Lee and Ge allegedly stole classified documents.

Only three people have ever been found guilty of economic espionage in the United States – all were from Silicon Valley.

Now the emails are posted on various sites around the web.

One key strategy that MediaDefender employs to combat illegal downloads is flooding various BitTorrent applications with phony material. However, the stolen emails also exposed some of MediaDefender’s less-scrupulous endeavors.

One such strategy was a fake pirate site called WiiVii.com that offered copyrighted files ready to download. As someone downloaded from that site, their IP address was saved in MediaDefender’s databases. Additionally, software was unknowingly installed on the user’s computer effectively turning it into a “zombie machine” helping to send fake files across file-sharing networks.

Commentary: There’s no real “good guy” in this situation. Yes, the emails were stolen, but they showed off some of the dirtier tactics employed by MediaDefender. Companies have started using progressive methods of fighting piracy and it’s inevitable that they’re going to have to do the same thing with online file sharing. All that money and effort fighting Napster early this century didn’t put a dent in peer-to-peer networks, or the new and improved methods of downloading files through BitTorrent.

The company reported on July 3rd that the administrator illegally downloaded the information and sold it to a third party data broker, who in turn sold the data to various marketing companies.

Fidelity National confirmed that the unnamed employee had been fired.

Commentary: Over 3.5 million credit card accounts were taken along with over 1.4 million credit card numbers. This is a prime example of how one employee can cause significant damage to a large corporation, their reputation, and their clients.

At issue was that in trying to protect competitive secrets, court officials didn’t sufficiently “black out” redacted portions of the court filings – and thereby the information could still be read.

Among the inadvertent disclosures was that Whole Foods prohibits its suppliers from doing business directly with Wal-Mart as Whole Foods “wants Wal-Mart to have to go through distributors because that raises Wal-Mart’s costs.”

The Rocky Mountain News has the best piece on what was supposed to be secret.

Commentary: Someone needs to get a better black magic marker.

The most recent setback was a very embarrassing federal judge ruling last week that Qualcomm had knowingly failed to turn over thousands of relevant documents in a patent trial against Broadcom. Judge Rudi Brewster said that Qualcomm knowingly concealed the documents and ordered that the company pay all of Broadcom’s legal expenses as result. Lupin had written an apology letter to the judge back in April after Qualcomm’s outside counsel discovered documents the company hadn’t previously produced that revealed facts “inconsistent with certain arguments that we made on Qualcomm’s behalf.”

Commentary: Perhaps most interesting is how the stock price reacted… it went up by nearly 3%. With 1.67 billion Qualcomm shares outstanding, that translates into a $1.72 billion gain for investors. Maybe they should fire more people as it seems to be working! Not sure how sustainable that business model would be though.

Schetty, concerned that Rohm and Haas would steal Technic’s bid with Intel, convinced unnamed Technic and Amkor employees to sabotage Rohm and Haas’ test at an Amkor facility in the Philippines. Schetty is looking at a possible maximum sentence of 10 years in prison, 3 years probation and a $250,000 fine. He agreed to pay $15,536 in restitution to Rohm and Haas.

Read the full article.

Commentary: Talk about going to extremes to stop the competition. Schetty actually convinced Technic employees that it was ‘good business’ to destroy a rival’s product. Another example of how one employee can ruin an entire company (even their own).

To help protect its reputation, IBM announced this week that it was establishing a code of conduct to govern its more than 5,000 employees who have a presence (or “avatar”) on “Second Life” and other online universes.

IBM appears to be the first corporation to create rules governing virtual worlds- its guidelines address such things as protection of intellectual property, export controls (!), proper attire, and even sexual harassment and discrimination:

IBM strives to create a workplace that is free from discrimination or harassment and takes steps to remedy any such problems. External virtual worlds, however, are outside of IBM’s control. If you are in a virtual environment in conjunction with your work at IBM and you encounter behavior there that would not be acceptable inside IBM, the recommended approach is to ignore such behavior and to “walk away” or even sign out of the virtual world.

Commentary:Check out the full IBM net-world guidelines here.

Back in the Q2 edition of Ethisphere, we reviewed IBM’s “real world” code of conduct and were impressed – while this online code is not quite as good, they are the first corporation to have established one of its kind, which is impressive in its own right.

See the avatar in the picture up above? That’s the avatar of Sam Palmisano, the CEO of IBM. Other than dressing himself in the IBM blue, it looks like he grew about a foot and hit the gym… sure beats having to work out for real.

The suit is asking for Pfizer to provide long-term identity theft insurance as well as compensation for damages the 17,000 employees may have incurred. Currently the company is providing a one year, $25,000 identity theft insurance policy as well as one year of free access to a national credit reporting company.

Read the story as posted by Forbes.

Commentary: Adding insult to injury, it took over nine weeks for Pfizer to inform the violated employees of the infraction after it became known to the company. This seems like an unfortunate amount of time for such important information to be known to the victims.

Underscoring the severity of the misconduct, this was the largest fine that AMF could have levied.

At issue is that GLG allegedly illegally used sensitive information to trade shares in Vivendi, ahead of a bond issue by the French media group. Three other hedge funds – UBS O’Connor, Meditor Capital Management and Ferox Capital Management – were also fined for the same offenses.

The bookrunner for the bond issue, Deutsche Bank, was also fined €750,000 for failing to keep adequate records of phone conversations and destroying potential evidence around the illegal trading (which occurred back in November of 2002).

News of a convertible bond sale often sends a company’s shares lower – and when the news of Vivendi’s impending bond sale broke, its stock dropped 14%. Investment banks typically phone investment funds prior to this official announcement to gauge their interest in the offering in a process known as “book building”. Hedge and other investment funds are forbidden from trading on this inside information- but GLG and the other three funds apparently freely traded on the information.

Deutsche Bank was also fined $11 million earlier this year by regulators in Britain for “market misconduct” connected to two stock offerings it managed in 2004.

Commentary: This is just bad business all around. And you can be sure that for each time that fund is unlucky enough to get caught – there are 50 more instances where they weren’t. Hedge funds are rife with insider trading… and increasingly good at covering their tracks (the cases are hard to prove to begin with).

Investigators with the office of the attorney general found the documents in a dumpster behind a CVS store in Liberty, Texas, near Houston, Abbott’s office said.

Medical prescription forms with name, address, date of birth, issuing physician and the types of medication prescribed were found, along with hundreds of active debit and credit card numbers with expiration dates…

According to the attorney general, CVS violated a 2005 law that requires businesses to protect customer records with sensitive information, including credit and debit card numbers.