Never a problem, always a good thing to ask for sources. I’ll admit, I’ve been having a fairly difficult time re-finding all the origional sources however I did get the majority of my information from a guy called Kira on youtube. He goes through the actual documents but, sadly, doesn’t directly link to the docs. I’ll post those links at the end

Firstly, their admittion to keeping nexons server after being told to shut it down

Taken from their post here:
https://www.reddit.com/r/DarkAndDarker/comments/122rz27/dmca_discord_update/

Due to a mandatory remote work policy implemented by Nexon in response to the COVID-19 pandemic, the accused member received multiple written authorizations from executive members at Nexon from 2020 to 2021, allowing him to utilize an external personal server to improve the performance of his team (e.g., version control, build machine, and dedicated server). After utilizing the personal servers for almost a year, the accused member asked the leadership if it was ok to continue using his personal servers. The leaders told him to refrain from using the personal servers. The accused member agreed to takedown the servers as long as he could maintain the performance of his team by having his programming team come to the office bypassing the companywide remote work policy.

The accused member initiated the takedown of the personal servers but, due to the uncertainty of sporadic Covid waves, taking down the server in a quick and exhaustive manner was not a high priority. As a result, some automated scripts related to the build machine were left running on his personal server at this time. When the buildings next to his office were shut down due to confirmed covid cases he took a risk and fully set up his personal servers to aid in development. Since all company machines were monitored using a companywide endpoint solution, the existence and usage of his personal servers, ones that were subject of approvals and re-approvals, must be reasonably known to Nexon over this multi-month period of development. Not a single warning was received from that security team so it was easy to construe it as acknowledgement that his actions were acceptable, otherwise it would mean that Nexon would be failing at taking reasonable measures to maintain the confidentiality of their assets.

Shortly after Nexon’s leadership became aware of the accused member’s plans to leave the company, instead of trying to resolve it a professional manner, they abruptly sent the Internal Audit team and accused him of stealing files, despite having observed his personal server being used without notice for several month. Due to harassment and the lack of respect from the company and after consulting with his lawyers, he concluded that his private information on his private servers was not subject to any record so he deleted his information to ensure his privacy.

Note their arguments for it being OK stem from nexon not taking action sooner, and stating they should have recognized the servers were being used during their tenure. As a developer, I should state that mirroring the entire server is uneeded and very weird to see. Usually, proxying in, using git, and their on site build servers through that proxy is the standard. Also, no, nobodies looking at access logs until there’s an issue. I cannot find nexons responce directly, but it is shown in the following videos

Here’s some Piped links to the coverage from Kira:
Looking over lawsuit: https://piped.adminforge.de/watch?v=42SzJLadbHg&list=PL27KYsg0ANj1YskyapNmhwVX8UdbeCuvR&index=6
Full Playlist: https://piped.adminforge.de/playlist?list=PL27KYsg0ANj1YskyapNmhwVX8UdbeCuvR

Once more on youtube if you prefer:
Looking over lawsuit: https://youtube.com/watch?v=42SzJLadbHg&list=PL27KYsg0ANj1YskyapNmhwVX8UdbeCuvR&index=6
Full Playlist: https://youtube.com/playlist?list=PL27KYsg0ANj1YskyapNmhwVX8UdbeCuvR