The Channel logo

News

By | Dan Goodin 10th January 2011 23:05

Lawsuit says Oracle pilfered source code from competitor

Tables turned on Ellison

Oracle – which recently won $1.3 billion in court damages for the theft of its trade secrets by an SAP subsidiary – faces a $100 million lawsuit alleging it engaged in similar behavior.

The complaint (PDF), filed in late December by Texas software company 2FA Technology, claims Oracle executives turned a blind eye when security company Passlogix stole source code for strong authentication and credential management software. Oracle went on to acquire Passlogix in November for $42 million and continues to sell rebranded Passlogix software containing the misappropriated code, the lawsuit alleges.

“Oracle's actions were done with the deliberate intent to injure 2FA's business, impede 2FA's recovery of its stolen property, and improve its own commercial advantage,” the complaint states. “By reason of the foregoing, 2FA has been damaged as a result of Oracle's illegal actions in amounts that will be determined at trial, but believed to be more than $10,000,000, plus interest.”

Including punitive damages, 2FA is seeking more than $100 million.

According to the 31-page complaint, Passlogix stole thousands of pages of trade secrets and hundreds of thousands of lines of source code after licensing 2FA's technology for credential management systems. Passlogix eventually used the code in its v-GO UAM product line, “in direct violation of the license agreement's non-compete and exclusive source provisions.” Oracle in turn folded it into its Oracle Enterprise Single Sign-on offerings.

According to 2FA, the license agreement expressly barred Passlogix from marketing its own credential management system. 2FA made the technology available to Passlogix under tightly restricted conditions, including provisions that allowed only programmers to see the code and secured servers that logged each person who accessed it. Despite the prohibitions, Passlogix Product Manager Gregory Simeone in July 2006 sent an email to many employees who had no required to access the source code. The material contained almost 100,000 pages worth of intellectual property and “hundreds of thousands of lines of source code.”

In April 2007, Passlogix presented its own credential management solution to a third-party prospect. In March of last year, the company released v-GO UAM and granted more than 10 million free licenses to a related product. In October, when Oracle announced its intention to acquire Passlogix, it cited customers' need to “provide stronger authentication mechanisms while reducing the number of passwords required." On the day of the announcement, Oracle's market capitalization spiked by more than $1 billion.

2FA's allegations in many ways resemble a case Oracle brought against SAP subsidiary TomorrowNow three years ago. In November, around the same time it was acquiring Passlogix, Oracle won a $1.3 billion jury verdict in the case and since pursued interest on that amount. ®

comment icon Read 4 comments on this article alert Send corrections

Opinion

Chris Mellor

Drives nails forged with Red Hat iron into VCE's coffin
Sleep Cycle iOS app screenshot

Trevor Pott

Forget big-spending globo biz: it's about the consumer... and he's desperate for a nap
Steve Bennet, ex-Symantec CEO

Chris Mellor

Enormo security firm needs to get serious about acquisitions

Features

Windows 8.1 Update  Storeapps Taskbar
Chinese Buffet self-service
Chopping down the phone tree to scrump low-hanging fruit
An original member of the System/360 family announced in 1964, the Model 50 was the most powerful unit in the medium price range.
Big Blue's big $5bn bet adjusted, modified, reduced, back for more
Microsoft CEO Satya Nadella
Redmond needs to discover the mathematics of trust