(Image kindly borrowed from ~Thermico on Deviant Art)
It’s not a tale that’s unheard of.
Company gets rid of employee.
Disgruntled employee seeks revenge.
Company’s database gets messed with.
Employee laughs, even though he eventually gets caught.
It’s happened again, this time in Georgia. Wired reports that the ex-employee:
“used legitimate credentials to log into the company’s network Feb. 3 at around 6 a.m., then proceeded to systematically delete the contents of 15 virtual hosts on the network. These included the company’s e-mail and BlackBerry servers, as well as its order-tracking system and financial-management software.”
That’ll teach ‘em to forget how important you are, burn your user name into their brains.
Now, there are a few details that make this story interesting…
- The company completely neglected to revoke the ex-employee’s access to the network, leaving their information technology goodies verrry vulnerable. Sure, the guy did some unauthorized manipulating, but how smart is it to leave your castle unprotected in the first place?
- The ex-employee used his original work login, as if he wanted to get “caught.”
- The officials retrieved the ex-employee’s credit card information from Google, which wasn’t really necessary (since he did nothing to hide his IP address and login activity).
- The employee chose to do his hacking at a local McDonalds. Incidentally, his credit card usage was divided between online mischief and big macs.
With all this evidence against him, the ex-employee did not hesitate to plead guilty. Which could earn him a maximum of 10 years in prison and a $250,000 fine.
But at least now they’ll always remember him. (Not fondly, but still.)