betty July 22, 2022

SINGAPORE – The hearing into a lawsuit brought by gaming hardware company Razer against an IT vendor was cut short on Friday (July 22), after the defendant’s former employee conceded that he caused the security breach that led to a data leak.

In the light of the concession, Justice Lee Sieu Kin said it was not necessary for technical experts to testify in the trial, which was scheduled till July 29.

The case was adjourned for written submissions to be filed by Aug 30.

Razer had sued Capgemini for causing a security breach in 2020 that resulted in a leak of its confidential customer and sales data.

It is seeking to recover from the vendor at least US$7 million (S$9.7 million) in losses it said it suffered, the bulk of which was the loss of profits from its e-commerce platform.

The trial opened in the High Court on July 13.

Razer contends that former Capgemini employee Argel Cabalag caused the security breach in June 2020 when he added a “#” command to a line of code, which effectively disabled the security settings of a computer system.

Razer said he was the only one who accessed the server during a 16-minute window when the misconfiguration occurred.

Between June 18, 2020, and Sept 10, 2020, data stored in the computer system was leaked to the public.

The breach was discovered by an independent cyber-security consultant who estimated that 100,000 customers worldwide had their shipping information and order details leaked.

On Thursday, before Mr Cabalag was due to take the stand, he told Capgemini’s lawyers that he wanted to inform the court that he now recalls that he was the one who caused the security misconfiguration.

He previously suggested that the misconfiguration could have been caused by Razer staff.

Mr Cabalag, who left Capgemini in September 2021, said his memory was jolted after seeing a screenshot from the report of Razer’s technical expert Mark Whittley.

On Friday, when questioned by Razer’s lawyer Wendell Wong, Mr Cabalag said he is no longer blaming Razer staff.