The Verge reports that the employee worked for Ubiquiti. He was caught because his IP address was exposed "during an internet outage...[that] disrupted his VPN". I assume he had a software-based VPN/firewall that crashed while he was stealing data from Ubiquiti.
[1] https://www.theverge.com/2023/2/3/23584414/ubiquiti-develope...