Ex-Cybersecurity Executive Claims Cover-Up of Data Breaches by Major Tech Firm

Former IBM cybersecurity executive William Barlow alleges the company failed to report multiple breaches by foreign entities, including China, possibly affecting IBM's substantial U.S. government contracts and broader public trust in the tech giant. These accusations come at a time when data breach laws demand heightened transparency, suggesting potential legal repercussions and industry-wide implications for data security practices.

Nathan Mercer

June 7, 2026

Claims of a cybersecurity cover-up at a tech giant as substantial as IBM don't just raise eyebrows-they snap them right off. According to William Barlow, a former cybersecurity executive at IBM, the company allegedly covered up multiple breaches instigated by foreign governments, including China. The accusations, reported by TechCrunch, suggest that IBM did not disclose these incidents despite the severe implications such breaches hold for data security and trust.

Barlow's claims outline a scenario where IBM's network was purportedly compromised repeatedly between 2013 and 2016 by APT 10, a group linked to the Chinese government. The scale of these breaches is staggering: the investigation allegedly found over 56,000 potential breaches. Astonishingly, IBM is said to have shrugged off the necessity to maintain adequate access logs, which is a bit like a bank not bothering to fix the locks on its vault doors.

This isn't just about corporate accountability; it's about a breach of public trust, particularly given IBM's extensive contracts with the U.S. government. For a company entrusted with national security data to possibly neglect notifications of such breaches seems, at best, a gross mishandling and, at worst, a deliberate cover-up. The implications extend far beyond the walls of IBM, affecting all sectors that rely on its services and technologies, including those leveraging crypto on- and off-ramping solutions in the fintech space.

Jurisdictionally, these allegations arrive at a time when data breach notification laws have grown tighter, demanding more transparency and quicker responses. If these claims are substantiated, they could spur stronger enforcement and perhaps new regulations, impacting how all tech companies manage and disclose breaches.

IBM, for its part, argues that their actions were lawful, a stance that might comfort their lawyers more than their clients. The legal battles and potential fallout will shed light on not just IBM's practices, but also on the broader tech industry's responsibility to guard data against prying eyes and, importantly, to come clean when defenses falter. Compliance isn't just about checking boxes; it's fundamentally about maintaining a framework of trust. And trust, once broken, is notoriously difficult to rebuild.

Sign up to Radom to get started

Start accepting crypto payments
Next generation
crypto payments platform
Crypto Payments
Crypto BillingCrypto Payment LinksCrypto CheckoutCrypto InvoicesCrypto PaymentsCrypto PresalesCrypto On/Off-RampCrypto ConvertMass PayoutsDeposit AddressesVirtual Accounts
Support
Contact salesSupport centre
Company
PricingAboutBlog
Compare
CryptocurrenciesBlockchainsComparisons
Developers
DocumentationAPI referenceResources
© 2026 radom Pay Sp. z o.o. All rights reserved.
Privacy PolicyTerms and Conditions
United Kingdom

Radom Pay Spółka z ograniczoną odpowiedzialnością (KRS: 0001079663, NIP: 5214051865) is registered at ul. Żelazna 59A, 00-848 Warsaw, Poland. Radom Pay Sp. z o.o. is registered in Poland as a Virtual Asset Service Provider and is the sole provider of cryptoasset services available through the Radom platform.