Ex-Microsoft staffer gets 3 months for spilling Win 8 secrets, deportation to Russia

Ex-Microsoft employee Alex Kibkalo, who was charged in March with leaking Windows updates as well as software that validates product key codes, has been found guilty and is facing prison and deportation.

Kibkalo, a 34-year-old Russian citizen, has been sentenced to a three-month prison term. Following his served jail time he will be deported to Russia.

Kibkalo was working for Microsoft in its Lebanon office. A court found him guilty of leaking pre-release updates for Windows 8 RT (a tablet OS) to a French blogger in July and August 2012. After an internal Microsoft investigation, the FBI became involved and discovered Kibkalo provided the same blogger with an Activation Server SDK (a software development kit) that contained internal code that is used in creating the activation systems that validate product keys. Product keys are Microsoft's main anti-privacy tools.

Kibkalo was arrested on March 19, while at Microsoft offices in Bellevue, Wash., in the United States. It is believed he committed these crimes as retribution after receiving what he felt was a poor performance evaluation. Kibkalo had worked for Microsoft for a total of seven years, dividing his time between Russia and Lebanon.

Kibkalo accepted a guilty plea on charges of theft of trade secrets on March 31 in exchange for settlement of a three-month prison term and a $22,500 restitution payment to Microsoft. This amount was later amended to $100. This fine was then waived by the court in the belief that Kibkalo would likely be unable to pay it. When he was sentenced June 10, his three-month prison was cut to four days, since he had already served 86 days after he was arrested. He is expected to be deported when he is released.

Kibkalo sent a letter to U.S. District Court Judge John Coughenour in which he expressed remorse for his actions and promised to learn from his mistakes.

Kibkalo wrote "I was making a wrong decision to discuss certain company projects with external party. As of now, I deeply regret that I have shared that information. Having done that I have lost a job, one can only dream about. Moreover, when I have found another interesting job a year after, the echo of my mistakes took that from me, too."

The case raised concerns among privacy watchdogs, as Microsoft gained access to the French blogger's Hotmail account during the course of the investigation.

At first, Microsoft justified its actions as within its rights to pry under "exceptional circumstances," but later decided that in future investigations it will defer to law enforcement.

In a statement on a Microsoft blog by Brad Smith, general counsel and EVP of legal and corporate affairs, the company said "effective immediately, if we receive information indicating that someone is using our services to traffic in stolen intellectual or physical property from Microsoft, we will not inspect a customer's private content ourselves. Instead, we will refer the matter to law enforcement if further action is required."

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics