Interesting. Matt Asay posited a while back...
... people wouldn't be interested in pirating financial market software...
-- -- http://www.theregister.co.uk/2010/09/24/piracy_open_source_bsa/
-- -- -- About half-way down:
-- -- -- "While the BSA is concerned with paid-for, proprietary software, most of the world's software is not written by proprietary software firms, but instead by enterprises whose primary business is not software, but rather finance, pharmaceutical and so on. The software written by Morgan Stanley for Morgan Stanley simply isn't going to be pirated."
... while I indicated that the potential profits of successful industrial espionage against a market trading firm make it worth-while to some:
-- -- http://forums.theregister.co.uk/forum/1/2010/09/24/piracy_open_source_bsa/
-- -- -- Again, about half-way down:
-- -- -- "To use Morgan Stanley as an example: A slightly-off-center firm could "buy" a chunk of code from a disgruntled Morgan Stanley IT wonk, reverse-engineer the code to gain insight into Morgan Stanley's trading algorithms, and look for routines related to arbitrage transactions**. They could then design more efficient, lower-latency routines that take better advantage of price difference windows, thereby gaining a competitive advantage with regard to automated trades.
Never underestimate the power of (successful) industrial espionage."
The alleged perpetrator could (conceivably) made a lot of cash from his misdeed, except he used the wrong tools and facilities to commit the crime: He used the company's network to transfer the stolen material to servers across the Big Pond. Even if he encrypted the code, libraries, etc. before transmission, I venture that sending what was likely a substantial amount of data to a foreign IP address threw up a lot of red flags, and quickly caught the attention of the network/security admins at Goldman Sachs.
Not to mention that the Bourne-Again Shell keeps command history in a file, which means, ostensibly that the command history is written to a storage device of some sort. I doubt the developer's workstation ran from a RAMdisk, and depending on the underlying filesystem, the history of his entire session may have still been recoverable, even if he took care to erase it; some filesystems use a Copy-on-Write process which maintains earlier versions of files in their entirety until a lack of space mandates the used blocks be reclaimed.