BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

Express Scripts sues Ernst & Young over data breach

From: Erica Absetz <eabsetz () opensecurityfoundation org>
Date: Tue, 19 Feb 2013 09:54:58 -0500
http://www.northjersey.com/news/191701131_Express_Scripts_sues_Ernst___Young_over_data_breach.html

ST. LOUIS - Express Scripts Holding Co. has filed suit against Ernst &
Young LLP and one of its partners, alleging that they stole trade
secrets and proprietary data from the pharmacy benefit manager with
"an evil motive."

The lawsuit, filed last week in state court in Clayton, Mo., claims
that Ernst & Young partner Don Gravlin had been "sneaking" into its
headquarters and emailing the equivalent of 20,000 pages of data to a
private Google account. The suit charged that this data included
information on pricing, strategy and projections for Express Scripts,
which last year acquired Franklin Lakes-based Medco Health Solutions
Inc. for $29.1 billion.

"E&Y and Gravlin were possessed of an evil motive," the suit said,
claiming that the accounting firm planned to use the data to help
build its own health-care business segment.

Ernst & Young said it had investigated the allegations a few months
ago and did find that its company policies had been violated.

"The individual at the center of these allegations is no longer with
the firm," Ernst & Young spokeswoman Amy Call Well said in an email.
She did not identify the person.

The accounting firm will contest all the claims in Express Scripts'
lawsuit, Call Well said.

- Bloomberg News
_______________________________________________
Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges. 

Tenable Network Security (http://www.tenable.com/)
Tenable Network Security provides a suite of solutions which unify real-time
vulnerability, event and compliance monitoring into a single, role-based, interface
for administrators, auditors and risk managers to evaluate, communicate and
report needed information for effective decision making and systems management.
Previous By Date Next
Previous By Thread Next

Current thread: