A former Korn/Ferry regional director who launched his own search business has been convicted of hacking and trade secrets theft. David Nosal was found guilty last week on six federal charges that, in addition to three counts of computer hacking and two trade secrets charges, included one conspiracy count.
What makes this case especially noteworthy is that Nosal did no hacking nor did he download confidential Korn/Ferry files himself. Instead, former colleagues did it on his behalf. They later cooperated with the FBI and testified against him.
The case goes back to 2004 when Nosal, an eight-year veteran of Korn/Ferry, left to start his own search firm. For the first year, federal prosecutors said, Nosal partnered with his former employer, signing an agreement not to compete and not to use its trade secrets. Prosecutors said, he convinced two of his Korn/Ferry colleagues to quit and start their own firms, which he used as cover for independent searches until the non-compete agreement expired and he launched Nosal Partners.
Nosal also convinced them to get confidential “Searcher” reports for him using his ex-secretary’s computer credentials to access the database. The Searcher database is Korn/Ferry’s proprietary source list, containing confidential information about companies, executives, salaries, and the like.
The former colleagues and secretary testified against Nosal during the two-week trial in San Francisco as part of a plea bargain they struck with federal prosecutors.
The criminal case has a long history with twists that include appeals to the ninth circuit, which tossed out several charges brought against Nosal in 2008. After an investigation by the FBI, Nosal was charged with hacking under the Computer Fraud and Abuse Act. That charge stemmed from his accessing the Korn/Ferry system while he was still working for the company.
Article Continues Below
5 Ways to Hire Like It’s 2021
The appeals court tossed out the charge, saying unauthorized use of a computer system by an employee is not a criminal act, but a violation of company policy.
The government obtained new indictments against Nosal in February, and the case finally went to trial early in April. After two weeks of testimony, the jury took two days to decide. Because Nosal himself did not hack the Korn/Ferry computer system, the conviction sets up ground for yet another appeal to the 9th Circuit, and, because the CFAA has been interpreted differently by other federal appeals courts, could eventually wind up in the U.S. Supreme Court.
Nosal’s legal team has already asked the trial judge to set aside the conviction, a routine act in most criminal cases. A hearing and sentencing are schedule for later in the year. Nosal faces 10 years in prison and a $250,000 fine on trade secrets charges, and five years and a similar fine on the hacking conviction.