Now, the civil litigation over the infamous Eli Lilly Enfield robbery

Florida court case could have implications for how warehouse security is maintained

The Florida gang that stole some $70 million worth of branded drugs from an Eli Lilly warehouse in Enfield, CT in 2010 are in jail; much of the stolen drug has been recovered and disposed. Eli Lilly obtained a $48-million settlement from its insurer, National Union Fire Insurance (Pittsburgh), and now that insurer is going after ADT Security Services and its parent, Tyco Integrated Security, to win some or all of that money back.

Elizabeth Gilbert, Esq., of the New York law firm Gilbert P.C., one of the lawyers for the plaintiffs, notes that essentially nothing of Tyco’s warehouse-security equipment, or its site-monitoring services, is being faulted; rather, the case will turn on how well Tyco maintains its own internal security for, among other things, the proposals, wiring diagrams and other details of the security systems installed at the Enfield facility. The filing complaint alleges that “ADT/TYCO undergoes no routine, internal vulnerability assessments of the security of its information storage systems in Boca Raton, Florida to ensure that the confidential information in its possession is safeguarded and not improperly accessed,” and presents what the presiding judge calls a legitimate “stack of inferences” from which a jury could conclude that ADT/Tyco is at fault.

The litigation (Case 9:13-cv-80371-KAM) began in mid-2013 following extensive discovery and other legal actions; a couple weeks ago, the presiding judge in the US District Court of Southern Florida, issued a summary judgment that clears the way for a trial to begin this month (although other motions are yet to be heard).

National Union presents evidence that suggests that the Florida gang had inside information on how the Enfield security systems were set up, which enabled them to bypass the systems (by, amazingly, cutting a hole in the roof of the facility and then rappelling into the interior of the warehouse); however, there is no “smoking gun” that demonstrates that the gang had this inside knowledge. Thus, the “stack of inferences.” It would be highly ironic if the jury trial finds that ADT/Tyco, one of the leading facility security companies in the world, did not do enough to secure its own data systems.

Another interesting element of the litigation is the back-and-forth over the value of the stolen property. National Insurance used its own forensic accountants to determine a value of $48.5 million for the “transfer-in price” as the value of the products (i.e., the value of the products at the time they physically existed in the Enfield facility); Tyco tried to justify a “pure manufacturing cost” of $4.36 million, which the judge rejected.

The takeaway for pharma supply-chain security managers, even if National Union loses this case: check with your security systems vendors as to the security of their systems for storing proprietary data. Even if no insider at Tyco handed over the Enfield blueprints, these days, data systems are ripe for outside intrusion.