Technology

Apple Says Ex-Employee Exploited Zero-Day Bug to Siphon Files to OpenAI

Martin HollowayPublished 2d ago0 min readBased on 6 sources
Reading level
Apple Says Ex-Employee Exploited Zero-Day Bug to Siphon Files to OpenAI

Apple has detailed how it believes a former hardware engineer used a previously unknown authentication flaw to keep pulling confidential files from its network storage for weeks after he had already left the company for OpenAI, according to a complaint reported by TechCrunch.

The former employee, Chang Liu, worked as a system electrical engineer at Apple before departing for OpenAI. Apple's complaint, first reported by TechCrunch on July 10, alleges Liu discovered in February 2026 that his access to Apple's network storage — a cloud-based repository holding engineering files, project documentation and proprietary technical data — had not actually been revoked. The vulnerability, according to the filing, was a zero-day authentication bug nobody at Apple knew existed at the time.

Apple says server log review turned up no evidence anyone besides Liu exploited the flaw, though the company acknowledges in its own complaint that the bug's design could theoretically have let a small number of other former or current users through the same gap. Apple has since patched the vulnerability and says it cut off Liu's access once the intrusion came to light. The company did not respond to TechCrunch's questions about how the bug worked technically or the exact timeline of when Liu's credentials should have been decommissioned.

Over several weeks, Liu allegedly downloaded dozens of confidential hardware-related files, including material describing unreleased products, internal engineering presentations, technical specifications and other proprietary project data, per the complaint cited by TechCrunch. Separately, NBC News reported that Apple's filing also alleges the stolen material extended to manufacturing process information, not just product designs.

The complaint adds two more granular allegations that go beyond the authentication exploit itself. Liu is accused of failing to return his Apple-issued work laptop after departure, telling the company he had "another computer" — a detail that raises unanswered questions about custody of any locally cached corporate data. Apple also alleges Liu made use of a laptop belonging to an acquaintance, Yu-Ting Peng, who was still an Apple employee at the time and later also moved to OpenAI; Liu allegedly used her still-active Apple credentials and device to reach systems he could no longer access under his own identity, before the network storage bug gave him a more direct route in.

Apple's lawsuit, filed against OpenAI, names both Liu and Peng as defendants, according to the Washington Post. Apple alleges the underlying trade secret misconduct was directed by senior OpenAI leadership, including one long-tenured OpenAI employee, per TechCrunch's July 10 reporting. A companion TechCrunch piece published July 13 notes the filing includes allegations that OpenAI employees joked internally about unauthorized access to Apple systems — allegations that, if substantiated, would speak to institutional awareness rather than a single rogue actor. The full complaint is available on DocumentCloud.

The mechanics here are worth sitting with for a moment. A zero-day in an internal network storage authentication layer that persists undetected long enough for a departed employee to notice and exploit it is, on its face, an offboarding and identity-lifecycle failure as much as a cryptographic one — the kind of gap that typically surfaces in access review audits, not months later via litigation discovery. Apple's own filing effectively concedes the flaw had blast radius beyond Liu, even as it maintains he was the only one who used it.

The laptop-sharing allegation is arguably the more conventional insider-threat vector of the two, and the more familiar one to anyone who has handled corporate offboarding at scale: a colleague's still-valid badge or credential, used informally, well after the "termination" checkbox has been ticked in HR systems. Large organizations have spent years hardening against exactly this pattern with just-in-time access and automated deprovisioning, and Apple's own account suggests those controls either lagged the exploit or were circumvented entirely.

OpenAI has not yet filed a public response to the specific technical allegations detailed in the July 13 TechCrunch report, and neither Apple nor OpenAI has commented publicly beyond the court filings themselves. The case sits within a broader wave of trade secret litigation tied to AI talent movement between hardware incumbents and frontier AI labs, though the alleged use of an actual authentication vulnerability — rather than simply memory or retained documents — sets this dispute apart from more typical noncompete and trade-secret claims in the sector.