It has been reported that the world’s software giant SAP AG was sued by its largest competitor, Oracle Corporation, for computer fraud and data theft in March 2007 (Anon, 2010). In the Complaint, Oracle Corporation (2007) stated that in November 2006, unusual heavy download activities were spotted on Customer Connection, a website Oracle used to serve its customers. The uncovered access originated from an IP address in one of SAP’s braches with log-in IDs of PeopleSoft and J.D. Edwards customers. It is discovered later that TomorrowNow and SAP TN, two SAP subsidiaries, committed a series of unauthorized access to Oracle’s customer service system and more than 10,000 illegal download activities. Mass of important materials, including copyrighted software codes and confidential documents was theft. In this way, SAP was capable of establishing a service library for PeopleSoft and J.D. Edwards products, and launched a marketing campaign to snatch Oracle’s customers. The fraud resulted in Oracle’s 120 copyrights infringed and posed the threats of losing 358 customers (Kawamoto, 2007). On 24 November 2010, the U.S. Federal District Court for Northern California announced that Oracle won the Case with SAP liable for $1.3 billion compensation. As Slappendel (2010) points out, this is the largest amount ever awarded in copyright infringement cases. The core reason may lies that the verdict is based upon the fair market value of the licenses for utilizing those resources instead of Oracle’s profit loss. After the verdict, SAP’s stock price has been falling significantly and TomorrowNow had to be shut down (Anon, 2011; Team, 2010). Although SAP accepted the liability and apologized for its inappropriate behavior, the company has been arguing that the penalty was contrary to the reality of the damage caused by the fraud (Margan, 2011). It is also reported that SAP has filed motions to the Court and therefore SAP’s computer fraud case does not seem to end at present.
The action of data theft has brought unnecessary troubles to both SAP and Oracle. In order to prevent computer fraud effectively, it is essential to fully examine the reason of SAP’s behavior. Fraud Triangle will be used as an analysis tool. It is estimated by Romney and Steinbart (2009) that Fraud Triangle consists of the three normal conditions for fraud to occur: pressures, opportunities and rationalizations. Figure 1 shown below is a brief summary of Fraud Triangle in the Case.
5. Homely meals in
FIGURE 1 FRAUD TRIANGLE OF SAP
2. Oracle’s insufficient security management
4. Theft by other companies
(i.e. Siebel Systems) before
1. Financial - fierce competition in the market
3. Few evidence – may not be...