The Broken Revolving Door
If your employee offboarding process relies on a generic IT checklist and the honor system, you are running on borrowed time. It does not matter how many corporate values posters hang in the lobby. When a high-value engineer walks out the door to join a direct competitor, their access must end instantly. Full stop.
But in the real world, terminating access is messy. The lawsuit filed by Apple in the U.S. District Court for the Northern District of California (San Jose) highlights exactly what happens when corporate offboarding falls apart. Apple is suing OpenAI over alleged trade secret theft. At the center of the dispute is Chang Liu, a former Apple system electrical engineer who resigned to join OpenAI. According to the court filings, Liu did not just walk away with his experience. He allegedly spent weeks after his resignation poking around Apple's internal files.
This is not a simple case of a folder copied to a thumb drive on a last day. It is a story about persistent, post-employment access. As a red team security professional, I see this pattern constantly. Companies build massive, expensive perimeters to keep external attackers out, but they ignore the slow, leaking endpoints right under their noses—highlighting why securing the AI perimeter starts with protecting every endpoint. If a former employee's machine continues talking to your internal cloud storage weeks after they signed their exit papers, your controls are failing you. It is that simple.
Anatomy of the Zero-Day Lockout Failure
Apple's complaint reveals a details-light but technically significant issue: Chang Liu allegedly exploited a "rare, previously unknown authentication bug" to bypass access revoke commands. In our line of work, we call this a zero-day vulnerability. It means Apple's security teams had zero days of warning to patch the flaw before it was leveraged against them.
The bug allowed Liu's credentials or physical session to remain active, bypassing the standard offboarding workflows that should have blacklisted his access. According to Apple's internal server log checks, the vulnerability was present and could have theoretically exposed data to a "few other" users. However, the logs indicate that only Liu actually exploited it. Apple has since patched this authentication bug and shut down the access route, but the damage was already done.
During February 2026, Liu allegedly queried and downloaded dozens of confidential hardware-related files from Apple's cloud-based network storage repository. These files were not generic training slide decks. They contained detailed data about unreleased products, proprietary project roadmaps, and highly sensitive engineering presentations. An authentication bypass like this is a nightmare scenario for any identity access management (IAM) team, especially because standard automated alerts often fail to flag access from previously leaf-certified or trusted devices.
Sharing Laptops and Hijacked Logins
The saga gets weirder when we review the hardware aspect. Corporate policy usually states that departing employees must return all company-owned laptops immediately. Liu did not do that. He allegedly ignored his employment agreement obligations and kept his Apple-issued work laptop. When questioned, he reportedly claimed he was using "another computer." In reality, the unreturned laptop remained a functional bridge to Apple's network.
But Liu did not stop at his own credentials. The complaint alleges he also utilized the device of Yu-Ting Peng, an acquaintance who was still employed at Apple at the time (and who also transitioned to OpenAI later). By leveraging an active employee's network access, Liu bypassed other security checks. He was using a trusted device owned by an active employee to exfiltrate confidential files.
Apple's evidence includes a chat message between Liu and Peng. After discovering he could still bypass Apple's login gates, Liu texted her: "LOL, I found out I can access the [network storage], so funny." It is a candid, almost casual admission of unauthorized entry. For a security red-teamer, it is also a reminder that human connections are often the easiest way to stretch or break access controls. While OpenAI has stated they have "no interest in other companies' trade secrets," the fact remains that highly sensitive Apple engineering data allegedly crossed the corporate line.
Beyond the Perimeter: What Red Teams Learn Here
What does this incident teach us about modern zero-trust architecture? Plenty. Many organizations think that forcing an employee out of Active Directory is the end of the line. It is not. Active sessions, OAuth tokens, and misconfigured endpoint agent apps can linger long after the human resource system lists an employee as terminated. (This is a core reason why modern threat actors are shifting to session hijacking and identity-targeted attacks rather than trying to brute-force passwords).
If you want to secure your offboarding, you must focus on session revocation, not just account disabling. When an account is terminated, every active session across every cloud-based storage system must be explicitly terminated. You also need to audit your endpoint logs. If a device has not checked in for physical collection but is still sending query requests to corporate repositories, that is an immediate incident response trigger.
Apple’s lawsuit will play out in court, but security teams cannot afford to wait for the verdict. Take this leak as a warning. Go check your IAM logs. Look for active tokens associated with employees who left last month. You might find some active sessions that should have died weeks ago. And if you do, do not laugh it off. Fix it before someone else does.