Security News > 2022 > September > Fired admin cripples former employer's network using old credentials
After being laid off, an IT system administrator disrupted the operations of his former employer, a high-profile financial company in Hawaii, hoping to get his job back.
Casey K. Umetsu, aged 40, worked as a network admin for the company between 2017 and 2019, when his employer terminated his contract.
"After using his former employer's credentials to access the company's configuration settings on that website, Umetsu made numerous changes, including purposefully misdirecting web and email traffic to computers unaffiliated with the company, thereby incapacitating the company's web presence and email" - the U.S. Department of Justice.
"Umetsu criminally abused the special access privileges given to him by his employer to disrupt its network operations for personal gain," said U.S. Attorney Clare E. Connors.
While Umetsu's actions are condemnable, the company's security practices cannot be overlooked since Umetsu used credentials that should have been invalidated the moment he got fired.
In September 2021, a fired credit union employee hacked into her former employer's computer systems and deleted 21 GB of important business data.