Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
Crime IT

IT Worker Sentenced To Seven Months After Trashing Company Network (theregister.com) 128

Posted by msmash from the office-space-gone-wrong dept.
An anonymous reader shares a report: A judge has sentenced a disgruntled IT worker to more than seven months in prison after he wreaked havoc on his employer's network following his suspension, according to West Yorkshire Police.

According to the police, Mohammed Umar Taj, 31, from the Yorkshire town of Batley, was suspended from his job in nearby Huddersfield in July 2022. But the company didn't immediately rescind his network credentials, and within hours, he began altering login names and passwords to disrupt operations, the statement says.

The following day, he allegedly changed access credentials and the biz's multi-factor authentication settings that locked out the firm and its clients in Germany and Bahrain, eventually causing an estimated $274,200 in lost business and reputational harm.
This discussion has been archived. No new comments can be posted.

IT Worker Sentenced To Seven Months After Trashing Company Network More

IT Worker Sentenced To Seven Months After Trashing Company Network

Comments Filter:

  • Yes, they will get caught. Yes, they will go to prison. And, yes, they will pay for the damage, probably for a long, long time.

    • Re: (Score:2)

      by Bahbus ( 1180627 )

      You know who else doesn't seem to learn? All these companies with shitty IT policies who don't know how to secure their networks appropriately. There is at least one of these stories every year.

  • I don't understand what his end goal was. He had to know they'd know it was him. It just seems incredibly short-sighted to be that vengeful.

    • Re:...but why?? (Score:5, Insightful)

      by Knightman ( 142928 ) on Tuesday July 01, 2025 @04:01PM (#65489560)

      People who are vengeful are often also not very rational in that emotional state, history is littered with examples of this and they seem incapable of extrapolating the consequence of their shortsighted actions. In this case, the dude's rampage came about because he was suspended from work which indicates he had already generated a fair amount of "friction" at his workplace.

      • Re: (Score:2)

        by mjwx ( 966435 )

        People who are vengeful are often also not very rational in that emotional state, history is littered with examples of this and they seem incapable of extrapolating the consequence of their shortsighted actions. In this case, the dude's rampage came about because he was suspended from work which indicates he had already generated a fair amount of "friction" at his workplace.

        A better question is "why are so many employees irrationally vengeful"?

        I suspect we all know why but don't want to admit that the way the US allows employers to treat employees is horribly broken. Much easier to pretend they're just "wronguns" and offer thoughts and prayers for the quarterly results.

        • Sure, but a vengeful action that makes a person's situation worse is stupid regardless of what led up to it or how shitty the employer is. There's no rational reason at all for anyone to sacrifice themselves on the alter of shitty employers, especially since shitty employers tend to make sure they get their pound of flesh with some extra sprinkles on top.

    • Re:...but why?? (Score:5, Interesting)

      by EvilSS ( 557649 ) on Tuesday July 01, 2025 @04:19PM (#65489582)
      I ended up involved in a similar case as a consultant. Admin was let go and I advised at the time that they consider forcing an across the board password change (This was one of those places where the admins would just ask users for their passwords when troubleshooting with them so they knew a bunch of user account creds). They declined. I was called back a week or so later when stuff started breaking. The old admin offered to come back and "consult" to fix the issues, for a decently high rate of course. He thought they would be grateful and he would make some extra cash off of his revenge while he looked for a new job.

      Unfortunately for him I noticed some oddities with how things were broken and started digging. He ended up pleading guilty in federal court.

      • Yeah those were the days. More than a decade ago I worked for a company that had an IT services business. They had a single administrative account that they used everywhere. All the IT staff, and many others, knew the password to this account. When I pointed out this security problem, they wanted to change it but couldn't, because it was hard-coded in so many places, and used in so many interconnected services, that changing the password would have brough down their entire operation.

      • Re: (Score:2)

        by AmiMoJo ( 196126 )

        Kinda happened to me when I left one company. I documented everything, but they couldn't find a replacement before I left so there was no in-person hand-over. Ended up doing a bit of consulting work to get them up an running again with things I was maintaining. Not malicious, they just didn't have anyone else with the right knowledge/skills to take over. I don't think they realized how much I was doing, how complex the systems were.

        • Re: (Score:2)

          by EvilSS ( 557649 )
          I've seen that happen plenty of times. It's usually a case of "So-in-so did that" being the answer to every question once they left or where laid off and yea, the bosses never realized it.

  • Reputational damage? (Score:5, Informative)

    by smooth wombat ( 796938 ) on Tuesday July 01, 2025 @04:20PM (#65489584) Journal

    If the company didn't rescind his credentials immediately upon firing, that's all the reputation you need to know.

    This is basic security practice taught in every 100 level IT security course.

    • Re:Reputational damage? (Score:4, Informative)

      by Tony Isaac ( 1301187 ) on Tuesday July 01, 2025 @05:06PM (#65489652) Homepage

      He wasn't fired immediately, he was suspended, and did the damage will still an employee.

      • Re:Reputational damage? (Score:4, Insightful)

        by grasshoppa ( 657393 ) on Tuesday July 01, 2025 @08:25PM (#65490090) Homepage

        ...doesn't negate the question; why wasn't his account disabled? A suspended employee has no reason to access secure systems, this should be the default.

        I'm having a hard time imaging a reason for suspension that wouldn't necessitate the need to disable his credentials.

        • Suspension is done with the assumption that the employee is coming back. At that point, they would have all access restored anyway. If the offenses were so severe that they would necessitate terminating access, they should just fire the employee. If they don't fire the employee, they have to continue to trust the employee, sooner or later.

          • Suspension means the employee isn't performing their job duties; hence they don't need access to the system. Same thing applies, admittedly to a lesser extent, to when admins go on vacations.

            On top of that, suspensions are not done with the assumption that the employee is coming back; it's more of a "get the person out of here NOW while we build our termination case" type of thing. Suspensions are almost always for ethical reasons, which is precisely the type of person who shouldn't have access, and there

            • Find, you can look at suspension however you want to, but that's not how companies see it. It's not customary to cut off access to suspended employees, and certainly not employees who go on leave, at most companies.

              As we can see here, disabling his credentials was clearly called for, so between yours and my perspectives, which would you say is more correct?

              This is an egregious and unusual case. It's news because it's unusual, ordinary suspensions don't make the news because they are boring. So this case does not prove the rule.

              • That is how companies see suspensions, at least competent ones. And here, with this story, we see WHY.

                But by all means, continue to believe otherwise in the face of contrary evidence. My contracting rates are very reasonable ( considering the alternative of course ), so it's in my best interest that more companies think as you do instead of following my advice.

                • And here, with this story, we see WHY.

                  This is an attempt to prove the rule, by citing an extreme case. This case is *not* typical, but rare. You completely ignored that crucial point.

                  You don't build your house with bullet-proof glass, despite the unlikely, but non-zero, probability that someone would shoot through them. You build your house to withstand risks that are probable enough to justify the expense.

                  The probability of a rogue employee will sabotage your company's entire operation, even an employee that is fired for cause, is remote, thou

                  • Of course you design your policies and procedures to protect against rogue employees, particularly in IT and especially with admins who have greater levels of access.

                    Suggesting otherwise exposes your own ignorance as to how IT security operates in companies ( or how it's supposed to ). Everywhere I've worked, suspended employees were treated as terminated as far as their access to resources were concerned ( up to and including email ). Most places would ask you to tell them if you were traveling out of co

                    • Your personal experience with employers is not representative. It certain differs from mine.

                      Like anything else, security is a cots/benefit question. You put your family at risk of bullet strikes, by not having bulletproof glass windows on your house and car. Why don't you do it? Too expensive.

                      Many, especially smaller, companies, have more lax security policies because they are expensive, and because they trust their people. Implementing rigid security policies costs time and money, neither of which are avai

          • Suspension is done with the assumption that the employee is coming back.

            That's often not true. Suspension can often be done as part of an investigation where there's a suspicion that someone has done enough to be fired but the evidence isn't yet clear enough. The assumption is that, if the suspicion is confirmed they will be fired. Moreover, is has to be a suspicion of something potentially serious otherwise they would be allowed to continue work.

            • Suspension by definition means that there is not enough proven cause (yet) to fire the employee. If there were, they would fire the employee without a suspension. So suspension doesn't assume either that the employee is, or is not, coming back.

              In this particular case, the company would have known at the beginning of the suspension, whether they planned to fire the guy or not. They would have known whether it was a formality or whether they were really trying to rehabilitate. The fact that they didn't disabl

              • In this particular case, the company would have known at the beginning of the suspension, whether they planned to fire the guy or not.

                I don't find that clearly in either TFA or even the articles linked. How do you know that? I didn't see something clearly stating why he was suspended or wheter they were sure.

                As far as the rest, et me just rearrange a little what you said.

                The fact that they didn't disable his credentials, implies that they thought he was coming back.

                however suspension doesn't assume either that the employee is, or is not, coming back.

                Even if you are pretty sure he's coming back after suspension, you can't actually ever be fully sure. The employee might just get resentful at what they think is unfair treatment and leave anyway. I might deliberately leave something open to see what they do, but I would

                • My question is simply, if they didn't intend to reinstate him, why *didn't* they disable his credentials?

                  You are also right, why didn't they do so regardless? That's a good question. But if they did intend to fire him, they would very likely have immediately disabled his credentials.

                  • I mean it could be the clowns:

                    There are 20 admins and we all share the same password for all of the key admin accounts on the Windows servers and the routers - we've never done a password change in the last 15 years I've been working here. I've got a long weekend setting up the new LDAP server for the automated mailing solution. If you make that change I can't guarantee anything will work next week.

                    they and their funny IT strategies seem to be in charge in far too many places.

        • ...doesn't negate the question; why wasn't his account disabled? A suspended employee has no reason to access secure systems, this should be the default.

          I'm having a hard time imaging a reason for suspension that wouldn't necessitate the need to disable his credentials.

          Totally agree about this. There's another way of thinking about it. These are your colleagues, possibly even friends. You have no idea what stress they have been under. Maybe they have some disease in the family or financial problems. Maybe they are under major stress. They may not be thinking straight. They might go home and have their partner scream at them about being useless. It might be int he middle of some kind of mental breakdown that they go crazy and damage a system they would never do anything ba

  • If he really wanted ... (Score:5, Funny)

    by PPH ( 736903 ) on Tuesday July 01, 2025 @05:44PM (#65489712)

    ... to screw over the company, he should have purchased an enterprise VMWare license. And then negotiated a cloud contract with Oracle.

    [Saw this posted elsewhere]

  • My guess his financial asset capacitor is going to get discharged in a civil proceeding. The guy might be walking around with no shirt afterwards, if you know what I mean.

  • Side #1: You felt slighted. Disrespected. Unappreciated.
    You lose your temper. Do something of questionable judgement. Momentary satisfaction as you see them scramble to replace you.

    Side #2: You still have to work there. It sucks because you kinda liked the guy causing all the problems. You understand his reasoning, but you're trapped because you're definitely not in a position to do something similar. So you save your own ass.

    I see both sides. The corporate money usually wins. An unfortunate fact of

    • But I don't dismiss the disgruntled employee's claim.

      What claim is that? There's nothing in TFS or TFA that indicates the ex-employee has attempted to justify his behavior at all.

      Additionally, you missed...

      Side #3: You've known the guy was an immature ass for quite some time, and warned your superiors that best practices dictate every bit of access he had should be rescinded right away and every password he had access to be changed immediately - but they neglected to act.

      • What claim is that?

        You fired the "immature ass" and left him in full control of passwords etc. What did you expect? It's the classic case of expecting professionalism while not projecting professionalism. They don't give a fuck about this guy. Why should he give a fuck back?

  • How he got terminated LOL

Slashdot Top Deals

"It is better to have tried and failed than to have failed to try, but the result's the same." - Mike Dennison

Close