apple bug Apple has accused OpenAI of benefiting from a former Apple employee’s alleged theft of confidential files, saying a “rare, previously unknown authentication bug” let the worker access Apple’s internal network after he had already moved on to a job at OpenAI. In a complaint filed in the U.S. District Court for the Northern District of California in San Jose, Apple says the incident exposed a security weakness, allowed the download of sensitive hardware and product data, and underscores how difficult it can be for companies to fully sever departing employees’ access.
apple bug
Apple’s latest legal claim against OpenAI
The dispute became public on Friday when Apple said it was suing OpenAI over the alleged theft of trade secrets, claiming OpenAI stole Apple’s confidential data and sought proprietary information while recruiting former Apple employees. The filing is notable not only for the trade-secret allegations, but also for Apple’s description of how one former employee allegedly kept access to internal systems weeks after leaving the company.
According to Apple’s complaint, the former employee is system electrical engineer Chang Liu. Apple alleges that Liu “exploited a rare, previously unknown authentication bug” that gave him access to the company’s network. Apple classifies the issue as a zero-day vulnerability, meaning it was unknown to the company before the alleged exploitation and therefore could not be patched in advance.
Apple says it has since fixed the bug and terminated the employee’s access after discovering what it called a “security breach.” The company also claims its server logs show that only Liu exploited the vulnerability, even though the flaw could have allowed “a few other” people to access data on Apple’s network.
What Apple says was taken
In the complaint, Apple says Liu allegedly took “dozens of Apple’s confidential hardware-related files” over several weeks after he had joined OpenAI. Those files, Apple claims, included “detailed information about unreleased products, engineering presentations, technical specifications, and proprietary project data.”
The allegations suggest the material was not routine office content but highly sensitive engineering information tied to Apple’s product development. Apple’s filing does not publicly identify the unreleased products involved, and the company did not offer further details about the files in response to TechCrunch’s questions.
Apple’s main allegations at a glance
- Former Apple system electrical engineer Chang Liu allegedly accessed Apple’s network after leaving the company.
- Apple says he used a “rare, previously unknown authentication bug.”
- The alleged access occurred weeks after Liu joined OpenAI.
- Apple says he downloaded dozens of confidential hardware files.
- The files allegedly included unreleased product details, engineering presentations, technical specifications, and proprietary project data.
How the access allegedly happened
Apple’s complaint gives a limited description of the vulnerability, but the company portrays it as an authentication flaw — in other words, a problem in the login or verification process that let the wrong person through. Apple did not explain whether the bug stemmed from a software defect, a misconfiguration, or a permissions issue. In general, authentication bugs can arise when former employees are not fully removed from systems or when access controls are broader than intended.
The filing says Liu allegedly discovered he could still access Apple’s network repository after leaving the company, “the result of a then-unknown authentication vulnerability.” Apple says he did not report the bug under the obligations in his employment agreement, and he also allegedly failed to return his Apple-issued work laptop.
Apple further claims that Liu did not delete “the program that allowed the access” to the network. The company did not identify the program. It is common for employees to use authorized tools such as VPN software or remote-access applications when working with company data off-site, but Apple did not say what specific software was involved here.
Apple also alleges that Liu had previously claimed to have “another computer,” while still retaining the Apple-issued laptop that had been used to access Apple’s network. The complaint says the device suggests he was once able to send and receive files from Apple’s internal systems.
Another employee and alleged misuse of credentials
Apple’s filing also names an acquaintance, Yu-Ting Peng, who was then an Apple employee and later went to work for OpenAI. Apple says Liu allegedly misused Peng’s Apple-issued work laptop “while she was still employed at Apple and he was not.”
That allegation broadens the dispute beyond one departing employee’s access and raises questions about how Apple says credentials and devices were handled during the transition between employers. Apple does not provide a full timeline of Peng’s employment in the complaint, beyond noting that she was at Apple at the time of the alleged misuse and later joined OpenAI.
Separately, Apple says Liu tried to access Apple’s network storage in February 2026, describing the repository as a cloud-based file system containing confidential engineering files, project documentation, and other proprietary information. Once he allegedly obtained access, Apple says he sent a message to Peng: “LOL, I found out I can access the [network storage], so funny.”
Why the case matters beyond Apple and OpenAI
Although the complaint centers on Apple’s claims against OpenAI, the filing also highlights a broader and very practical security problem: what happens when employees leave but some of their access remains active. Companies typically try to revoke credentials immediately to reduce the risk that sensitive information can walk out the door, whether deliberately or by accident. If accounts or devices are not fully decommissioned, organizations can face future security lapses, data breaches, or actions by disgruntled former staff.
Apple’s account suggests that the alleged bug could have affected more than one person, though the company says only Liu used it to steal confidential information after leaving Apple. If true, that would mean the vulnerability was serious enough to create a broader exposure, even if only one person appears to have exploited it according to Apple’s logs.
Apple did not respond to TechCrunch’s email questions about the vulnerability, how it was exploited, or when the company decommissioned the employee’s credentials. TechCrunch also asked Apple when Liu’s access was terminated, but the company did not reply. OpenAI previously said it has “no interest in other companies’ trade secrets.”
What happens next
Apple has demanded a jury trial, and the case could begin this year if it proceeds. For now, the complaint presents Apple’s version of events and lays out a chain of alleged unauthorized access, file downloads, and credential misuse. OpenAI has not been described in the source material as having publicly commented on the specific allegations in the filing beyond its earlier statement rejecting interest in trade secrets.
The case is likely to draw attention not only because it involves two of the most closely watched companies in tech, but also because it highlights a persistent problem for large organizations: even when employees leave, access controls, shared devices, and internal repositories can remain weak points if offboarding is not airtight.
Apple’s claims remain allegations at this stage, and the filing itself provides only limited technical detail about the bug it says was exploited. Still, the complaint offers a clear reminder that the security risks associated with employee departures can persist well after a resignation date, especially when credentials or devices are not fully recovered.
Source: Original report
Was this helpful?
Last Modified: July 14, 2026 at 10:55 am
2 views
