The FBI said it arrested a computer programmer in New York this week and charged him with stealing proprietary software code from the Federal Reserve Bank of New York. The software known as the Government-Wide Accounting and Reporting Program (GWA) handles all manner of U.S. government financial transactions.
From the FBI: "As alleged in the complaint, between May 2011 and August 11, 2011, Bo Zhang was a contract employee assigned to the Federal Reserve Board of New York (FRBNY) to work on further developing a specific portion of the GWA's source code which the United States has spent approximately $9.5 million to develop. In the summer of 2011, Zhang allegedly stole the GWA Code.
"According to the complaint, Zhang admitted that in July 2011, while working at the FRBNY, he checked out and copied the GWA Code onto his hard drive at the FRBNY; he subsequently copied the GWA Code onto a bank-owned external hard drive; and he connected that external hard-drive to his private office computer, his home computer, and his laptop. Zhang stated that he used the GWA Code in connection with a private business he ran training individuals in computer programming."
"Zhang took advantage of the access that came with his trusted position to steal highly sensitive proprietary software. His intentions with regard to that software are immaterial. Stealing it and copying it threatened the security of vitally important source code," said FBI Assistant Director in Charge Janice Fedarcyk in a statement.
Now free on bond but due back in court in February, Zhang, 32, of Queens, New York, faces a maximum term of 10 years in prison and a $250,000 fine if guilty.
While the FBI didn't identify which company Zhang currently worked for, Bloomberg.com reported he in the past had worked for at Goldman Sachs Group Inc. (GS) and Bank of America Corp.
Bloomberg.com also said Matt Anderson, a Treasury spokesman, said the department has worked to strengthen security procedures for Federal Reserve contractors working on Financial Management Service projects. "There was no compromise of any transaction data, personal identifying information or federal funds," Anderson said.