This Is Not Just a Breach. It’s a Pattern:

 From: Arul A <Arul.A@mphasis.com>

Sent: Thursday, October 31, 2024 2:53 PM

Subject: RE: [External] Incident : INC0998747 - QBE & Mphasis emails

Hi Defendant,

Just want to keep you informed, since you already got client laptop, Mphasis IT team will not provide you Mphasis laptop.

Regards,

Arul. A

Global Strategic Resourcing (GSR) | Human Resources | MphasiS Corporate Support

---------- message --------- 

Nov 1, 2024 at 1:19:28  PM: Defendant states; “QBE Policy Reference:

Group Acceptable Use Policy.pdf, page 10 4.8 Prohibited Behavior Section (r): Use unauthorized third-party email services for exchanging business-related messages and information. Only QBE-approved systems may be used for transmitting sensitive information relevant to our business.

Additional Note:
Accessing third-party systems, including portals or email clients, through web connectors can pose security risks. Based on experience with companies like Walmart, BofA, and others, security incidents are often internal rather than external.”

---------- message ---------

Nov 1, 2024 at 1:19:28  PM: Defendant states; “Thank you for your time, Yaberry! 

Forwarding the email thread as requested, though it’s not an ideal one. I strongly recommend that Mphasis employees avoid accessing the Mphasis web portal using client laptops on their network.”

---------- message ---------

On February 28, 2025, Mphasis management, through Ruturaj Waghmode, transmitted confidential QBE materials to Defendant’s Mphasis email, which he accessed via personal MacBook due to Mphasis’s failure to provide standard corporate hardware. Lacking domainjoined equipment necessary for compliance, Defendant was compelled to forward the QBE.pptx file from his Mphasis email (albert.rojas@mphasis.com) to his personal email (rojas.albert@gmail.com) to complete required work.

Under the doctrine of equitable estoppel (Kosakow v. New Rochelle Radiology, 274 F.3d 706, 725 (2d Cir. 2001)) and unclean hands (Precision Instrument Mfg. Co. v. Auto. Maint. Mach. Co., 324 U.S. 806, 814 (1945)), Plaintiff cannot assert violations that it induced through its own failure to provide basic resources. Plaintiff’s failure to furnish tools required for compliance negates any assertion of willful misconduct (Heckler v. Community Health Services, 467 U.S. 51, 59 (1984)).

From: Ruturaj Waghmode <ruturaj.waghmode@mphasis.com> 

Sent: Friday, February 28, 2025 10:23 AM 

To: Albert Rojas <albert.rojas@mphasis.com> 

Subject: QBE draft deck 

Regards, Ruturaj +1.650.507.9809 

QBE.pptx

To: Jitendra, Nitin, shannon.berson@mphasis.com, Jitendra, Dean [last name redacted]
Hi Team,
I hope you’re doing well. I’m unable to access Mphasis emails from QBE. I previously submitted a request for an Mphasis laptop while using my personal Mac, which I no longer have.
Could you please arrange for the same setup as Dean? Please refer to his note below for details.
I would appreciate an update on the status of the Mphasis laptop when you have a chance.
Thank you!
Best regards,
[Name redacted]
 

Microsoft Teams Chat Section

Dean Forrest
11:52 AM
 [Message from you:] Do you have a QBE laptop???

Dean Forrest: Yes

11:52 AM
 [Message from you:] how do you access Mphasis emails from QBE laptop without downloading the microsoft authenticator?

Dean Forrest: I don't have my Mphasis emails on my QBE machine

Dean Forrest: I use my Mphasis laptop for it.

11:53 AM
 [Message from you:] Copy!

Email Header

From: Ruturaj Waghmode ruturaj.waghmode@mphasis.com
Sent: Friday, February 28, 2025 10:23 AM
Subject: QBE draft deck

Email Body

Regards,
Ruturaj
+1.650.507.9809

Information Transmitted by this Email is Proprietary to Mphasis, its Associated Companies and/or its Customers and is Intended for use only by the Individual or Entity to which it is Addressed, and may contain Information that is Privileged, Confidential or Exempt from Disclosure under Applicable Law. If you are not the Intended Recipient or it appears that this Email has been Forwarded to you without proper Authority, you are Notified that any use or Dissemination of this Information in any manner is Strictly Prohibited. In such cases, please Notify us Immediately at mailmaster@mphasis.com and delete this Email from your Records.

Attachment:
QBE.pptx

He faced repeated exclusion and was ultimately removed from the project with a comment suggesting he did not follow a “modern approach”—a remark perceived as age-related, as he is > 50 years of age.

• Mar 12, 2025 (12:10 PM): Management responded “Reducing Scope via BCC”
• Mar 12, 2025 (12:36 PM): He responded "Please do not limit the scope of this thread—management needs full visibility into how all the moving parts have been functioning."
• Mar 12, 2025 (12:42 PM): Management retaliated with a warning: "xxxxxx– this is not appropriate or permitted to be adding these individuals into a CRO investigation without specific direction from the CRO."
• Mar 12, 2025 (12:58 PM): He responded "This work was requested by management (Cc list). Had I been provided an Mphasis laptop, this issue wouldn’t have occurred in the first place."
• Mar 12, 2025 (1:19 PM): Management retaliated "Shannon- I will take this ahead from here.."
• Mar 12, 2025 (7:01 PM): His account was locked without explanation.
  Mar 14, 2025: He was officially terminated. 
  • Regarding HR’s claim that he was “working outside the USA without authorization,” this is demonstrably false. On Friday, February 7, 2025, at 11:34 AM, his management explicitly approved his travel at his own expense, stating:
  • "I don’t want you to bear personal expenses for something that could be done remotely. If you are anyways travelling for personal stuff, then that’s fine, and we can meet up in London when you are around."
  • This confirms that my travel was both authorized and personally funded. 

LEGAL BRIEF

Subject: Whistleblower Retaliation, Compliance Violations, and Age Discrimination — Plaintiff

v. Mphasis Ltd.

I. EXECUTIVE SUMMARY

This matter centers on a senior technologist employed by Mphasis who, while supporting a high-profile initiative for client QBE, raised urgent internal concerns regarding systemic noncompliance, data security lapses, and unauthorized use of proprietary technology. Despite making good-faith disclosures through Mphasis's Office of Ethics and Compliance (OEC) and Whistleblower channels between November 20–22, 2024, Plaintiff was retaliated against, denied standard IT resources, and ultimately terminated under questionable circumstances. 

The core events can be succinctly summarized by Plaintiff’s paraphrased account:

"Let me get this straight, Ruturaj:

You didn’t like George’s 66-slide deck, so you gave it to the new guy—knowing he had no Mphasis laptop—and told him to fix it over the weekend. You bypassed security, pulled it from SharePoint, and sent it to his personal email. 

He trimmed it to 8 pages for QBE. You didn’t like that either. Called him a '60s programmer' and dumped another 66-slide Lucid deck on him. 

Then security flags him for using his Mac—and you, Shannon, Charles and Jitendra fire him?"

This narrative underscores a disturbing sequence of disregard for compliance, ethics, and human

capital. The facts establish credible claims under Sarbanes-Oxley (SOX), Dodd-Frank, and

relevant state and federal whistleblower and labor protection statutes.

II. PLAINTIFF’S BACKGROUND

Plaintiff is an information technology expert with over 30 years of experience, including service

within the U.S. Department of Defense Cybersecurity Division. Protecting digital assets and

ensuring policy compliance are intrinsic to his professional identity.

He joined Mphasis in October 2024 after being recruited while working independently. Upon

assignment to the QBE project, one of Mphasis’s largest accounts, Plaintiff was denied a

company-issued laptop, in violation of standard provisioning policies. This created immediate

and ongoing exposure to security and regulatory risks.

III. KEY CONTRIBUTIONS

• December 2024: Enhanced document decoding efficiency for QBE by integrating a large

language model (LLM) with a linguistic engine, reducing processing time from 35

seconds to under 2 seconds—without compromising accuracy.

IV. WHISTLEBLOWER RETALIATION & COMPLIANCE VIOLATIONS

November 20–22, 2024: Plaintiff formally submitted complaints to Mphasis’s OEC and

Whistleblower teams, flagging:

• Lack of a corporate-issued laptop, forcing use of personal hardware.

• QBE’s non-compliance with its Acceptable Use Policy.

• Disparate treatment and contradictory instructions from management.

• Unapproved use of his proprietary technologies by Mphasis and QBE.

Following his disclosures:

• Plaintiff was pressured into withdrawing his whistleblower complaint.

• He continued to experience escalating hostility from management.

• His access to tools and systems remained restricted, impairing his job performance.

• He was terminated shortly after, under false pretext.

Notable Supporting Communications:

• Internal emails confirming Mphasis refused to issue him a laptop.

• Plaintiff’s emails detailing security concerns and IP violations.

• OEC and Whistleblower formal submissions.

• Rejections and dismissive responses from management.

• Screenshots of error messages and policy violations.

V. AGE DISCRIMINATION

Plaintiff, over age 60, became the subject of inappropriate comments and behavior:

• March 7, 2025: During a team meeting, Ruturaj Waghmode shared images of dinosaurs

in apparent reference to Plaintiff’s age.• March 12, 2025: The Mphasis Chief Risk Officer (CRO) asked about Plaintiff’s age and

referred to him as a “programmer from the 60s.”

Despite raising formal complaints about this behavior, Plaintiff faced a sudden reduction in

responsibilities, warnings for procedural adherence, and eventually account lockout and

termination.

VI. RETALIATORY ACTIONS & TERMINATION

• Feb–Mar 2025: Plaintiff’s work for QBE intensified, including tasks over weekends,

despite lack of proper tools.

• Mar 12, 2025: Plaintiff pushed back on narrowing the scope of a CRO-led investigation

and was immediately reprimanded.

• Mar 14, 2025: Plaintiff was terminated without valid cause.

• Mar 15, 2025: Mphasis legal counsel initiated a purported investigation, post-

termination.

Claims of unauthorized international work were refuted with written managerial approval for

Plaintiff’s travel to London and Cannes.

VII. LEGAL IMPLICATIONS

The totality of the evidence supports claims including, but not limited to:

• Whistleblower Retaliation (SOX, Dodd-Frank)

• Constructive Discharge

• Wrongful Termination

• Age Discrimination (ADEA, state statutes)

• Improper Use of Intellectual Property

• Violation of Internal Compliance and IT Security Policies

VIII. CONCLUSION

This is a textbook case of an employer mishandling protected disclosures while penalizing the

employee who raised them. Mphasis not only failed to uphold its legal and ethical obligations—it actively created a hostile environment, withheld standard equipment, mocked the Plaintiff’s

age, and punished his diligence.

Plaintiff seeks full remedy under applicable statutes for retaliation, discrimination, and damages

stemming from Mphasis’s actions and omissions.

Prepared by: Confidential Counsel to Plaintiff Date: April 12, 2025