Oracle Sues SAP For A Big Corporate Theft

By Deborah Gage  |  Posted Thursday, March 22, 2007 23:03 PM

Oracle filed a complaint against SAP on March 22 in U.S. District Court in San Francisco, alleging "corporate theft on a grand scale." Oracle claims SAP conducted a sweep of materials on Oracle's password-protected customer support website, downloading software updates, bug fixes and numerous other copyrighted materials across the entire PeopleSoft and JD Edwards product lines, 10,000 times.

The goal? To bolster SAP's ability to offer support for Oracle's products and ultimately lure Oracle customers to SAP, Oracle says. The thefts allegedly occurred between September 2006 and January 2007. (Larry Dignan over at ZDNet's Between the Lines has a good summary of Oracle's complaint here.)

How did Oracle figure out this alleged SAP plot? Oracle claims to have discovered automated, wholesale downloading of its materials from an IP address originating in Bryan, Texas, the home of TomorrowNow, the company SAP acquired to support PeopleSoft, J.D. Edwards and Siebel software as Oracle snapped up those manufacturers.

Log-ins on the Oracle site were from Oracle customers with expired or soon-to-expire support contracts who were departing for SAP. Some had already departed. Fake information was supplied with some of the customer log-ins: a user name of "NULL," an e-mail address of test@testyomama.com, a phone number of 123-456-7897. Some customers who been downloading only a few materials were suddenly downloading thousands. The customer roster includes some big names--Merck & Co., Honeywell, Abbott Laboratories.

If Oracle's charges are true, what was SAP thinking? What a bunch of knuckleheads! In the story John McCormick and I wrote for Baseline a couple of years ago on corporate espionage ("Wanted: Chief Espionage Officer"), it was the spies and thieves who employed not-too-sharp tactics like the alleged SAP's who got caught.

Steve Bauer, an SAP spokesman, says SAP is still studying the lawsuit and has no comment for now. No word either on whether any of these customers knew they were involved.