oops

Linked – Fired admin cripples former employer’s network using old credentials

I spent a lot of my time these days focused on onboarding, bringing in new people, getting them up to speed, and contributing. That’s an important process. So is off-boarding, because when you don’t have a proper process for departing employees, stuff like this can happen.

“After being laid off, an IT system administrator disrupted the operations of his former employer, a high-profile¬†financial company in Hawaii, hoping to get his job back.

Casey K. Umetsu, aged 40, worked as a network admin for the company between 2017 and 2019, when his employer terminated his contract.

The U.S. Department of Justice says in a press release that the defendant pled guilty yesterday to accessing his former employer’s website and making configuration changes to redirect web and email traffic to external computers.”

We’ve seen this happen too many times. This isn’t the outlier that it should be. Please define a process for handling departed users to avoid this and ensure you preserve relevant data when they make an employment claim against you. Leaving it up to IT to “get around to it” when they have some spare time is not a process.

https://www.bleepingcomputer.com/news/security/fired-admin-cripples-former-employers-network-using-old-credentials/

Similar Posts

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.