Apple Sues OpenAI Over Alleged Stolen Trade Secrets
Apple has accused OpenAI of trade secret theft after a former engineer allegedly exploited an unauthorized pathway to infiltrate the tech giant’s internal network from his new position. The iPhone maker contends that Chang Liu leveraged an unprecedented access control vulnerability to illicitly download dozens of files detailing unreleased proprietary devices.
The Zero-Day Exposure
Having served as an electrical systems engineer at Apple, Liu subsequently transitioned to OpenAI. According to the lawsuit, his ability to connect to Apple’s shared network repository persisted long after his departure. The company characterizes this systemic oversight as a rare zero-day vulnerability, as developers remained entirely oblivious to the flaw prior to the suspected intrusion and had no opportunity to deploy a patch.
In February 2026, the engineer purportedly endeavored to access a cloud repository containing technical blueprints, presentations, specifications, and highly sensitive roadmaps for unreleased products. Upon successfully gaining entry, Liu allegedly messaged Yuting Peng—an acquaintance still employed at Apple—remarking with amusement on his continued, unrestricted access.
Contractual Breaches and Workstation Compromise
Apple asserts that Liu neglected his contractual obligation to report the discrepancy, failing also to remove remote-access software and retaining his corporate laptop. Furthermore, while integrated into OpenAI’s workforce, the engineer allegedly utilized the corporate workstation of Peng, who subsequently joined OpenAI herself. Over several weeks, Liu potentially harvested dozens of confidential documents pertaining to proprietary hardware innovations.
Upon discovering the breach, Apple promptly revoked the former employee’s credentials and remediated the vulnerability. A thorough audit of server logs indicated that while the vulnerability theoretically exposed internal assets to several other individuals, Apple believes Liu was the sole actor to exploit it.
Federal Litigation Initiated
Consequently, Apple initiated litigation against OpenAI and the two former employees, filing a complaint in the U.S. District Court for the Northern District of California. Details of the formal filing can be reviewed in the official Apple v OpenAI lawsuit document.
The tech giant alleges that OpenAI systematically harvested proprietary intelligence regarding Apple’s future product pipeline during its recruitment campaigns, potentially incorporating these stolen assets into its own hardware initiatives. OpenAI has robustly refuted these claims, asserting it maintains no interest in the intellectual property of competitors.
Conclusion
As the judiciary prepares to evaluate the veracity of Apple’s claims, the unfolding legal battle highlights the profound dangers of orphaned access credentials post-termination. The flawed authorization mechanism permitted the former engineer, as the plaintiff contends, to navigate the corporate network with the impunity of an active employee.
Support Our Threat Intelligence
If you find our technology report and cybersecurity news helpful, consider supporting our work.