NetApp Accuses VAST Data Executive Of Stealing Trade Secrets

In what reads like a corporate thriller with a dash of dark comedy, NetApp has filed an explosive lawsuit against one of its former senior executives, alleging he secretly developed a competing business while still collecting a paycheck. He then sold the business to a direct rival for an undisclosed sum just weeks after leaving the company.

The case, recently filed in federal court in Florida, paints a picture of alleged corporate betrayal that combines serious legal violations with an audacious inside joke referencing the 1999 cult classic film “Office Space.”

Underneath it all, however, lay the fortunes of two major players in enterprise infrastructure, NetApp and VAST Data. It’s also a lawsuit that raises questions about the tremendous power and influence a key technology executive wields in a hypercompetitive market like cloud AI and data infrastructure.

The Facts

The only clear facts in this case are that on November 6, 2025, NetApp filed suit against former senior vice president and chief technical officer, Jón Stefánsson. The suit alleges that Stefánsson deceived NetApp, stole its intellectual property, and ultimately leveraged that intellectual property when becoming VAST Data’s general manager of cloud solutions (find a PDF of NetApp’s complaint at this link).

NetApp also asked for, and was granted, a temporary restraining order against Stefánsson. The TRO restricts him from, among other things, engaging in any word activities “that relate to” and products, services, or “similar technologies that Stefánsson created or developed while employed at NetApp (a PDF copy of the TRO can be found here).

It’s crucial to note that VAST Data, while an incidental and impacted party, is not accused of any wrongdoing by NetApp. This is only about the purported actions of a departing key executive who just happened to land at VAST Data to help build a competing product.

The Executive Who Had It All

Jón Thorgrímur Stefánsson, known across the idustry as “Jonsi,” wasn’t just any NetApp employee. Over his eight-year tenure, he climbed the ranks to become Chief Technology Officer and Senior Vice President, with sweeping responsibilities across the company’s cloud operations.

Stefánsson oversaw NetApp’s first-party cloud storage products, led cloud strategy, managed relationships with major hyperscalers like Amazon Web Services, Google Cloud, and Microsoft Azure, and had his hands on the company’s entire cloud portfolio.

In other words, Stefánsson had access to the crown jewels, NetApp’s most confidential information, proprietary innovations, intellectual property, and critical business relationships.

The Secret Startup

According to NetApp’s complaint, trouble began brewing in early 2025. In January of that year, a former NetApp employee who now sits on the board of NetApp competitor VAST Data, sent a text message to another ex-NetApp employee stating simply: “Jonsi is in.”

Shortly after, the same person sent another message containing just the image of a red stapler.

For those unfamiliar with “Office Space,” the red Swingline stapler is the film’s most iconic symbol. It’s the cherished possession of Milton, a mistreated office worker who eventually burns down the building after being pushed too far. The stapler represents workplace frustration, rebellion, and ultimate revenge against corporate employers.

The choice of name wasn’t subtle. It was, NetApp alleges, an inside joke meant to taunt the company on their way out the door.

The Smoking Gun: Slack Messages and GitHub Activity

The red stapler reference was just the beginning. NetApp’s lawsuit includes what it considers damning evidence, including Slack messages exchanged on April 22, 2025, while both Stefánsson and another NetApp executive, Eiríkur Sveinn Hrafnsson, were still employed.

In the company-provided chat application, Stefánsson allegedly asked Hrafnsson: “Did you have the salary figures for everyone we want to get [to go to Red Stapler?]”

This wasn’t idle speculation about a future venture. According to NetApp, both men were actively recruiting while on the payroll, plotting their exodus while still drawing salaries from the company they were allegedly planning to compete against.

Even more problematic was NetApp’s discovery of a “Red Stapler” GitHub repository indicating that Stefánsson and Hrafnsson were actively designing and developing software for their startup while Stefánsson was still employed.

Internal emails show the “redstapler-is” organization existed on GitHub as early as June 16, 2025, eleven days before Stefánsson formally left NetApp on June 27, 2025.

The Ten-Week “Miracle”

Red Stapler was officially incorporated on July 3, 2025, just days after Stefánsson’s departure. The company operated in stealth mode with Stefánsson as CEO, joined by five former NetApp employees and one current employee — Hrafnsson, who remained at NetApp until August 31, 2025, even as he held the position of Red Stapler’s second-largest shareholder.

Then came the stunner. On September 9, 2025, a mere ten weeks after incorporation, VAST Data, a direct NetApp competitor, acquired Red Stapler for an undisclosed sum.

VAST’s press release describing the acquisition touted Stefánsson’s experience “competing against VAST” (while at NetApp) and the Red Stapler team’s “track record of designing and launching cloud-native services with leading hyperscalers.”

The crown jewel of the acquisition is reportedly Red Stapler’s “cloud control plane and service delivery platform” that would allow VAST to “burst seamlessly into public cloud environments.”

Here’s where NetApp cries foul: The company had spent years and tens of millions of dollars developing its Service Delivery Engine (SDE), which is an orchestration layer between hyperscalers and NetApp storage that does precisely what Red Stapler’s product allegedly does. The SDE allows end users to manage all elements of their data estate from a hyperscaler’s native interface, integrating with any public cloud platform.

NetApp’s position is that there’s no way Red Stapler could have developed competing technology in 10 weeks without leveraging NetApp’s confidential and proprietary information. The math doesn’t add up.

Contractual Obligations

Like all employees with access to sensitive information, Stefánsson signed a Proprietary Information, Inventions, and Non-Solicitation Agreement, a PIIA, before starting work at NetApp. The agreement was comprehensive:

• It prohibited the disclosure or improper use of NetApp’s confidential and proprietary information during and after employment
• It required Stefánsson to assign NetApp all inventions developed during his employment
• It mandated notification of any inventions created within six months after employment ended
• It barred the solicitation of NetApp employees and business partners

According to NetApp, Stefánsson violated every single one of these provisions.

Even if, hypothetically, Stefánsson and his team had somehow developed Red Stapler’s technology independently in that impossibly short timeframe, the PIIA required him to notify NetApp of the invention. According to NetApp, he never did.

Disappearing Act

When NetApp heard of the VAST acquisition in late October, the company sent Stefánsson a cease-and-desist letter highlighting the direct overlap between his NetApp role and his new position as VAST’s General Manager of Cloud Solutions. The letter emphasized the impossibility of Red Stapler developing its platform without trading on NetApp’s proprietary information.

Stefánsson didn’t respond. NetApp sent a second letter. Again, silence.

Then NetApp discovered something troubling. Days after receiving the first cease-and-desist letter, Stefánsson put his Orlando house on the market. He then apparently left the country abruptly, relocating to Iceland.

According to NetApp, the message was clear. Stefánsson had no intention of engaging with NetApp’s allegations or complying with what the company believes are his contractual obligations.

What’s at Stake

This case raises critical questions that extend far beyond one executive and one company:

• How much can employees take with them? In the technology industry, employees frequently move between competitors. But where’s the line between general knowledge and skills versus proprietary information and trade secrets?
• What happens when the “impossible” happens? If a small startup can recreate in weeks what took an established company years and millions of dollars to develop, is that innovation or appropriation?
• How enforceable are non-compete and invention assignment agreements? Courts have shown varying attitudes toward such contracts, particularly in different states and jurisdictions.
• What’s the value of loyalty in the modern tech economy? In an era where employee mobility is celebrated and “disruption” is the watchword, where do duties to current employers fit in?

What Comes Next

NetApp was granted a temporary restraining order against Jonsi and is seeking injunctive relief and damages. The company wants to prevent Stefánsson from further exploiting its confidential information, using designs and intellectual property that NetApp claims rightfully belong to it, and interfering with its critical business relationships.

But getting relief may prove complicated. Stefánsson is apparently now in Iceland, which could complicate enforcement of any U.S. court orders. VAST Data, while not named as a defendant, now owns whatever Red Stapler developed, creating additional complexity if that technology is indeed based on NetApp’s proprietary information.

The restraining order is in effect until November 26, 2025. NetApp is seeking to convert that into a permanent injunction.

Analyst’s Take

It’s impossible to know what’s true in this case. NetApp filed suit and was granted a temporary restraining order, but we haven’t yet heard Jonsi’s side of the story. As of the publication date of this article, he has not yet filed a response with the court.

VAST Data, for its part, declined to comment on the action and further declined to comment on Jonsi’s current position in the company or whether the TRO is impacting his day-to-day activities. It’s important to reiterate that VAST is not named in the suit, though it may be materially impacted by its outcome.

For NetApp, this isn’t just about one executive or one startup. The company fears that Stefánsson’s alleged actions could compromise its relationships with hyperscaler partners, which took years to build and underpin its cloud strategy. If proprietary information about these partnerships has been shared with VAST, the competitive damage could be substantial and ongoing.

The timing is particularly sensitive. The cloud storage market is intensely competitive, with major players fighting for position in the enterprise data management space. Any competitive advantage, especially one derived from inside knowledge of a rival’s technology, partnerships, and strategy, could lead to substantial returns.

For technology executives, this case serves as a stark reminder of the legal and ethical boundaries that govern the transition from one employer to another, especially when that transition involves competing directly with your former employer using knowledge gained during your employment.

And for all of us watching, it’s a reminder that in the corporate world, sometimes the cult classic reference is less about humor and more about harboring serious intentions, as well as serious legal consequences. We’ll be watching as this one unfolds.

Disclosure: Steve McDowell is an industry analyst, and NAND Research is an industry analyst firm, that engages in, or has engaged in, research, analysis and advisory services with many technology companies, including NetApp and VAST Data. No company mentioned was involved in the drafting of this article.