BANGKOK/RIYADH: THAI police have arrested a former official of PetroSaudi International Ltd and charged him with attempting to blackmail and extort the company, Thai media and the company said yesterday.
Thai police chief Gen Somyot Pumpunmuang told a news conference here that the Crime Suppression Division police had detained Xavier Andre Justo, a Swiss national, following the issuance of an arrest warrant by the Southern Bangkok Criminal Court.
Police have also searched his residence, seizing a computer and other equipment which they believe may have been used as part of the alleged offence.
Police said Justo, who had fled to Thailand, was previously an executive at PetroSaudi. The Saudi-based international company, which invests in the oil and gas industry, is best known in Malaysia for its former dealings with strategic investment fund 1Malaysia Development Bhd (1MDB).
Two years after he was dismissed from the company, Justo allegedly attempted to blackmail and extort PetroSaudi for as much as 2.5 million Swiss Francs (RM10 million). Justo had allegedly threatened to release confidential business information, purportedly stolen from the company, if his demands were not met.
In a statement issued in Riyadh, Saudi Arabia, PetroSaudi said it welcomed the arrest of Justo and that it would fully cooperate with the Thai authorities. It said it was considering further legal action in other jurisdictions. In addition to the ongoing case in Thailand, PetroSaudi is believed to be preparing to file a claim against Justo with the London police in respect of blackmail and computer misuse offences, and is commencing proceedings in Switzerland for numerous breaches of contract.
“We are relieved that Mr Justo will now face justice through the courts. We have been the victims of a regrettable crime that has unfortunately been politicised in Malaysia,” a PetroSaudi spokesperson said. “We are happy to finally set the record straight and apologise to the Malaysian people for the harm that one of our unscrupulous ex-employees has caused them,” he said.
Following the attempted blackmail, various emails and documents appeared on a politically-motivated blog Sarawak Report, sparking a wave of allegations against 1MDB. It has now been learnt that some of the emails and documents published on the blog were found to be tampered with, bringing into question the veracity of these allegations. An international cyber-security firm, Protection Group International (PGI), was subsequently hired to conduct an in-depth investigation into the source of the data published on the Internet, as well as to verify its authenticity.
These investigations revealed clear evidence of the systematic theft of confidential company data by Justo prior to his departure from PetroSaudi. Furthermore, the analysis showed that the data was tampered with after it was stolen from PetroSaudi. It was believed that much of this tampered data subsequently appeared on Sarawak Report and served as the backbone of the blog’s claims of impropriety against 1MDB.
An expert from PGI said: “Our investigation is still ongoing, but it is clear that we are looking at a case of large-scale data theft, and our analysis substantiates that Justo is the source of the data published on Sarawak Report. “For example, when we looked into a PowerPoint file that was on one of the Sarawak Report’s blogs, we found evidence in the metadata of that file that it had been handled by a certain “xavierj” in 2013; two years after Justo left PetroSaudi, and four years after the file had originally been created by a law firm that advised PetroSaudi.
“It is also clear that the stolen data sets are incomplete, and underwent an editing process after they were removed from PetroSaudi’s systems, and before they were published on the Internet. “There are many inconsistencies between the published data and the data which still exists on files within PetroSaudi relating to that period of time.
Simply put, it is incomplete data, creatively selected and edited to fit a desired narrative. “These cases are all too familiar and we have unfortunately dealt with so many of them, where a greedy or malicious employee removes confidential data and threatens to publish it, or has it published for personal gain — financial or otherwise. “Published data then invariably goes through selective editing, and not infrequently plain forgery, in an attempt to up the ante and create the most damaging story possible.
“This case is an almost textbook match to that profile. PetroSaudi, like many companies, individuals or even governments that we have seen before them, and no doubt will continue to see after them, will suffer unfair scrutiny caused by a misinformed online onslaught.
“In this case, what started out as a simple story of personal gain by a former employee, became a story of politically-motivated allegations through the use of irresponsible online blogs. “All of the investigations we have conducted thus far would lead me to say that, from both a forensic and expert perspective, the information (relating to this issue) published on the Internet should be considered unsafe and unreliable by those wishing to draw conclusions from it,” he said.
The Thai police are carrying out their own investigation and have seized computers and other evidence from Justo’s residence. This evidence will be thoroughly analysed in an attempt to understand whether any other parties may have been involved with Justo.
Meanwhile, PGI said it would hand over further evidence to the authorities as its inquiry continued into how PetroSaudi’s computer files were accessed and edited.