$200,000 Sofa.com Domain Name Stolen by Employee

$200k sale of Sofa.com in 2005 was unauthorized by employer.

The Sheboygan Press is reporting that a Sheboygan man was charged with selling his employer’s domain name for $200,000 and using corporate credit cards to finance international trips with a stripper girlfriend, according to complaint filed today in Milwaukee County Circuit Court.

The domain in question is Sofa.com, which DNJournal reported sold for $200,000 in December 2005. The complaint alleges that Stephen M. Galstad sold the domain, which belonged to his employer Dinesen’s Leather Only, to a London-based firm without the company’s permission and then had the money wired to his personal account.

This isn’t the first time a big ticket domain has been purchased that turned out to be stolen or otherwise unauthorized. A large domain name owner in Texas lost a domain that he paid $150,000 for after it turns out the seller had stolen the domain name.

Given that Galstad allegedly had the money wired directly into his account, it would appear that this was outright theft. However, as domain values rise don’t be surprised to see companies file suits against people who bought domains from them. The suits will claim that an employee sold the domains without authorization. The business owner might have “seller’s regret” and try to get the domain name, now worth much more, back in his hands.

This is also a wake up call to companies that they need to keep ownership and authorizations of their domain names under lock and key by the highest members of the organization, and perhaps even the board of directors.

It is unclear whether or not the buyers of Sofa.com, which run a legitimate web site, will have to return the domain. If Dinesen’s Leather Only wants the domain back, it will be up to a judge to decide if the buyers should have assumed Galstad had legal authorization to sell the domain. Dinesens Leather Only may also decide to not go after the domain but instead try to get the money from Galstad.


  1. Boothie says

    If he was able to permit the transfer of the domain, then it was necessarily his domain to transfer. Anyone who has registered a domain will tell you that there is simply no other possible way to determine a domain’s ownership than to ask for the password that was created for it upon its registration, or to have access to the email address to which this password ‘reminder’ would be sent upon request.

Leave a Reply