A suspended IT worker caused at least $200,000 of damage in an act of revenge upon his employer, according to a press release published by the West Yorkshire Police, in England (h/t The Register). The report indicates that Mohammed Umar Taj went on a digital rampage following his suspension from work. Employer-hostile acts included altering login credentials and disrupting the company’s multifactor authentication (MFA) systems. Taj was sentenced to seven months and 14 days after admitting the charges at Leeds Crown Court last week.
With a long history of similar reports in the public domain, it is surprising that disgruntled IT workers are still suspended without system access being revoked beforehand. However, such wise precautions might not be entirely possible to implement promptly for some roles, in some organizations.
The source indicates that Taj sprang into vindictive action “within hours of being suspended from work in July 2022.” He proceeded to unlawfully access company systems “to deliberately alter login credentials to disrupt the company’s day-to-day activities,” says the law enforcement source. On the second day of his spree, Taj would go on to hobble the company’s MFA systems.
As well as the monetary damage, due to “lost business,” Taj is accused of inflicting reputational harm on his (ex) employer. The unnamed firm was reportedly frustrated as not only were the activities of staff in Yorkshire impacted, but the cyber-damage spread to clients “both in the UK and overseas in Germany and Bahrain,” according to the police report.
Last week, Taj appeared before Leeds Crown Court, in Yorkshire, for sentencing. The 31-year-old “admitted a charge of committing unauthorized acts with intent to impair the operation of or hindering access to a computer at a previous hearing,” say the police. He now faces seven months and 14 days in custody.
The official police report on Taj’s disruptive-in-a-bad-way spree concludes with some friendly advice to employers. “Protecting your network prevents data loss and costly cyberattacks. It also maintains trust with clients and stakeholders,” said Detective Sergeant Lindsey Brants of West Yorkshire Police’s Cyber Crime Team. “We urge all businesses to look at their network security.”
Follow Tom’s Hardware on Google News to get our up-to-date news, analysis, and reviews in your feeds. Make sure to click the Follow button.
