Other issues in this category (14)
Thursday, December 15, 2016
After his dismissal on DD, MM, YY from the company <COMPANY_NAME>, he <FULL_NAME> failed to tell the company about all the accounts (logins and passwords) he created that are used to access the company's server at IP address 22.214.171.124 from any computer on the local network of the company <COMPANY_NAME> and to create, modify and delete files on the server's hard drives. At the same time, the individual, knowing that he (FULL_NAME) was no longer an employee of the company (COMPANY_NAME), had no right to access protected information on the above-mentioned server and intended to use the account information to unlawfully access information on the server connected to the company <COMPANY NAME>'s network, without having the legal grounds to do so or permission from its rightful owner.
Seemingly, everything is clear: an unjustly fired employee, his revenge, and the court ruling. However, the employee was found not guilty and acquitted by the court.
So, what happened? A system administrator quit his job but kept logins and passwords that could be used to access resources at his previous place of employment—many people do this because there is no way to document all the information that is relevant to their work, and their assistance may be required after their dismissal. He also regularly checked the corporate mailbox he previously used—information about his logins was registered in system logs. In addition, he stored hacking tools on his computer. As a result, when the company (which, by the way, did not change the passwords) ran into trouble, it blamed the former employee. He had a motive and opportunity; it looked like an open-and-shut case.
Eventually, truth prevailed, but there’s no way he can get back the time he spent in jail.#law #responsibility #damage #password #corporate_security
The Anti-virus Times recommends
- Ideally, if an employee is to be dismissed, all their logins and passwords should be changed before they are given a dismissal notice. If there is no way for them to access the company's network, there is no reason to charge them for offences committed remotely after their dismissal.
- Many things can happen in life; try to avoid situations that can be turned against you. Do not use hacking tools and pirated materials, especially at your workplace; delete extra passwords and logins that you used for past projects or while at a company—disconnect completely from all company resources.
Remember that courts favour those who provide convincing evidence!