Hacker Warned Former Colleagues Of Potential Layoffs
from the not-your-usual-hacking dept
Over the years, we've seen plenty of stories about former employees hacking into their former employer's computer system and causing all sorts of problems, from deleting data to spamming people to downloading confidential information. However, the latest arrest in such a case is a strange one. A former executive at a publishing company, who had left the company three years ago, recently hacked into the network, read some emails about pending layoffs, and warned some former employees that they might be at risk of losing their jobs. He did it all anonymously, but it wasn't that difficult to track the email and the network access back to him. Still, this seems odd. He clearly broke the law by accessing the network and reading private emails, but unlike most cases of bitter ex-employees getting back at their company, it seemed like he was just keeping an eye out for his former colleagues. Either way, can someone explain why the company left this guy's ability to log in open for three whole years after he was no longer with the company?
Reader Comments
System Administration
One of the first changes I would suggest/make when assuming the duties was that all employees would be required to 'check out' with the system administrator prior to completion of termination or transfer along with all the other stops they would have to make. This improved access control, which was also reviewed on a regular basis, as well as the transfer backup, and elimination of files on the server(s).
As with any security issue, it's about process. If you don't have the processes in place, you don't have security and you end up as a poster child in the WSJ or Techdirt.
[ link to this | view in chronology ]
Re: System Administration
www.thatpoliticalblog.com
[ link to this | view in chronology ]
Re: System Administration
They call this guy a HACKER, which I doubt he is. If this guy actually accessed the company email by way of hacking, I believe they should fire the current IT Manager and the Network Admin. Good hackers do cover their footprints. A good hacker does know that their email can easily be tracked no matter where you send it from.
Another example: I can still get to my ex-employer's data.... and email....lol without hacking of course.
[ link to this | view in chronology ]
Good On Him
[ link to this | view in chronology ]
Hacking in?
The key thing is that he did hack in and break the law. What he did wasn't immoral, but it was illegal.
[ link to this | view in chronology ]
Hold up...
Either way, can someone explain why the company left this guy's ability to log in open for three whole years after he was no longer with the company?
If his company identity was still valid and that is what he used to get in then it wasn't a hack. Can't have it both ways. Either the door was left open and he walked in or he forced his way in.
What bothers me is that I'm willing to bet that the company in question is more upset that he warned employees than they are over the fact that he got in.
[ link to this | view in chronology ]
Re: Hold up...
[ link to this | view in chronology ]
Re: Re: Hold up...
[ link to this | view in chronology ]
Re: Re: Hold up...
I am not very familiar with the legal aspects, but I think you would have to bypass some security mechanism (break the window, disable the alarm system) or refuse to leave after receiving a warning that you have no right being there, before you would be liable for this behavior.
The article talks about hacking but does not mention any specific activity. It would even be possible that the information has been obtained from a mail being sent to an out-of-date mailing list and then forwarded to an external account, or by using his (after 3 years still active) old company account to check his mail.
[ link to this | view in chronology ]
how many accounts did he have?
He was guilty of "hacking" his way in by the very nature of connecting. And the article doesn't say if he broke in or simply had an active account. At any rate, there is a good chance he would know a number of user names, and might know at least some of the people's password schemes. Most people use an easily identifiable scheme for rotating their password.
[ link to this | view in chronology ]
Hacking in.
I say this because by definition a Hacker is a person who gains "Unauthorized" Access to a system or series of systems. If there is nothing in place stating that the system is for Authorized personnel, then access is not restricted, even if there is a security mechanism.
-The Computer Fraud and Abuse Act. - read it sometime, as it is kind of funny and irritating at the same time.
(2) intentionally accesses a computer without authorization or exceeds authorized access, and thereby obtains--
Anyhow, if there is nothing in place telling him to the contrary, then he did not hack a damn thing, only wandered around an open system. It's their fault should that be the case for not trying to let people know the authorization level of a system.
[ link to this | view in chronology ]
Re: Hacking in.
[ link to this | view in chronology ]
Re: Hacking in.
[ link to this | view in chronology ]
"He worked for Source Media, a company with 1,000 employees, between 1997 and his termination in 2003. He worked there, at different times, as both the director of IT and VP of technology. In those positions, he reportedly had access to the passwords for the e-mail accounts of Source Media employees."
1) bad security policy is bad security policy. Nobody should have access to other people's passwords. Having a password available to anyone else but the user of the account is asinine. This is my guess how he *hacked* in the system.
2) real hackers cover their tracks. Even when being a good Samaritan and warning a friend, you know there is a potential for backlash, especially when what you are doing is illegal. Best advice for people committing a crime: don't get caught, don't leave fingerprints all over the place (or IP addresses, username/passwords or other bits of log that point back to you)
3) media like to spin banal abuse and bad computer security as hacking, just like now any flavor of credit card fraud is identity theft. Makes juicier headlines I guess.
[ link to this | view in chronology ]
I wonder...
[ link to this | view in chronology ]
Re: IT Director?
This guy was the Director of IT. Obviously he was not at the top of his game when he worked there, or any possible methods of him gaining access would have been nullified upon his leaving the company. More than likely, he either left a couple of user accounts for himself available or used someone else's username and password.
Again, any IT director that has any business being an IT director would make sure that there was a) a password policy b) a Remote Access policy c) A Termination Policy.
Personally, this tells me that their current IT staff is negligent. The new IT director would obviously know that this guy left and that he would have access to the system and should have made changes to prevent this type of thing from happening.
I flip burgers, can I be your new IT guy? :-)
[ link to this | view in chronology ]
That's the kind of thing that I need.
[ link to this | view in chronology ]
http://www.techweb.com/showArticle.jhtml?articleID=194700003&cid=RSSfeed_TechWeb
[ link to this | view in chronology ]
Re: System Administration
I have worked as a contractor at companies where different systems and web accounts were not locked down. I corrected all these problems.
[ link to this | view in chronology ]