An internal IBM investigation concluded that APT 10 potentially breached IBM's network over 56,000 times between 2013 and 2016. The extensive compromise of IBM's core network over three years put sensitive data at risk, according to TechCrunch. A former IBM cybersecurity executive, William Barlow, initiated the whistleblower accusation, alleging a significant IBM data breach cover-up.
IBM, a major provider of secure cloud services to the US government, is accused of covering up tens of thousands of foreign state-sponsored hacks, but its internal investigations reportedly confirmed extensive compromises.
Based on these whistleblower allegations, major tech companies may be trading transparency and security for reputation management, potentially exposing critical infrastructure and government data to undisclosed risks.
The Scale of the Alleged Breaches
- A separate company investigation found more than 50,000 potential APT 10 hits during that period, according to Silicon, which is a lower figure than the 56,000 reported by IBM's internal investigation.
- A probe a year later found hackers had accessed nearly 400 compromised accounts and almost 200 total systems and servers in 18 countries, according to Silicon.
The sheer volume and global reach of these alleged breaches reveal a profound, sustained compromise of IBM's network over several years.
Government Systems Allegedly Compromised
Cloud systems operated by IBM and AT&T for the US federal government suffered numerous breaches by foreign hackers, according to Silicon. The companies allegedly concealed these incidents from the government. Such alleged systematic concealment by IBM, a key government contractor, not only raises serious national security concerns but also exposes a profound failure in accountability, leaving critical infrastructure dangerously vulnerable.
A Pattern of Undisclosed Breaches
William Barlow further accused IBM of failing to properly investigate and disclose breaches at its acquired subsidiaries, Trusteer and Truven, TechCrunch reports. Trusteer was breached in 2018, and Truven experienced multiple breaches after its 2016 acquisition, incidents that occurred before 2025. The breaches at Trusteer in 2018 and Truven after its 2016 acquisition suggest a broader, troubling pattern of alleged non-disclosure across IBM's operations, extending to its acquired entities. If these accusations prove true, it appears companies entrusted with sensitive government data are prioritizing reputation over transparency, setting a dangerous precedent where the true scale of cyber threats remains obscured.
What Happens Now?
These accusations will likely trigger intense scrutiny from government agencies, potentially leading to legal and regulatory actions against IBM and AT&T. The revelation that the US government may have unknowingly operated on compromised systems for years, due to alleged cover-ups of over 56,000 breaches, exposes a critical gap in oversight of its most vital technology partners. As of Q3 2026, IBM's standing as a trusted government contractor has been significantly impacted.
Frequently Asked Questions
Who is the IBM whistleblower?
William Barlow, a former IBM cybersecurity executive, initiated the allegations against IBM and AT&T, according to Bloomberg. His specific role involved overseeing cybersecurity for IBM's cloud services.
What are the consequences of IBM's alleged data breach cover-up?
The consequences could include substantial financial penalties and a significant loss of trust from government and enterprise clients. Such allegations also risk severe reputational damage and potential debarment from future government contracts.
