Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
Crime IT

IT Worker Sentenced To Seven Months After Trashing Company Network (theregister.com) 65

An anonymous reader shares a report: A judge has sentenced a disgruntled IT worker to more than seven months in prison after he wreaked havoc on his employer's network following his suspension, according to West Yorkshire Police.

According to the police, Mohammed Umar Taj, 31, from the Yorkshire town of Batley, was suspended from his job in nearby Huddersfield in July 2022. But the company didn't immediately rescind his network credentials, and within hours, he began altering login names and passwords to disrupt operations, the statement says.

The following day, he allegedly changed access credentials and the biz's multi-factor authentication settings that locked out the firm and its clients in Germany and Bahrain, eventually causing an estimated $274,200 in lost business and reputational harm.

IT Worker Sentenced To Seven Months After Trashing Company Network

Comments Filter:
  • Yes, they will get caught. Yes, they will go to prison. And, yes, they will pay for the damage, probably for a long, long time.

    • Why do assume they will pay for anything instead of going bankrupt?

      Hard time breaking rocks into gravel is real punishment. Confinement under lax modern conditions is not.

      • by Whateverthisis ( 7004192 ) on Tuesday July 01, 2025 @04:23PM (#65489590)
        "Punishment isn't working": you can't prove that because it's proving a negative. How many people thought about causing damage to their employer after getting laid off, but decided not to because they knew they would go to prison?

        Related to that, even a harsh punishment doesn't necessarily mean that someone will make an illogical choice not considering the consequences; you will never stop 100% of issues like this because there will always be someone who misunderstands their situation and makes an illogical choice regardless of punishment.

        • by mjwx ( 966435 )

          "Punishment isn't working": you can't prove that because it's proving a negative. How many people thought about causing damage to their employer after getting laid off, but decided not to because they knew they would go to prison?

          Related to that, even a harsh punishment doesn't necessarily mean that someone will make an illogical choice not considering the consequences; you will never stop 100% of issues like this because there will always be someone who misunderstands their situation and makes an illogical choice regardless of punishment.

          Actually it's pretty easy to demonstrate via recidivism rates. If punishment is working, you'd see repeat offences going down, if it's not working you'd see more repeat offenders.

          To save you the trouble of getting angry at google, you can get angry at me for telling you that countries with less harsh punishments have much lower recidivism rates and countries with harsher punishments tend to have more crime.

          Prevention is a lot better than cure, realistically if treating prisoners like humans helps them

      • This guy's record will follow him his entire life. These days, it's really hard to get hired anywhere, particularly in IT, if you have a criminal record. That's pretty severe (and appropriate) punishment, in my opinion.

        • UK spent convictions (Score:4, Interesting)

          by Bruce66423 ( 1678196 ) on Tuesday July 01, 2025 @06:14PM (#65489778)

          After four years and seven months his official record will become invisible as it will be spent conviction. Even before that the information isn't normally easily available, though the publicity in this case has generated me be more of a problem for him, as an internet search will reveal him. So it may be less of a disaster than you think, though he may struggle.

          https://en.wikipedia.org/wiki/... [wikipedia.org]

          • Interesting, the US doesn't have any such "spent conviction" law. Your past crimes can literally follow you the rest of your life.

            Even in the UK, according to the Wikipedia article you linked, there is a long list of professions that are exempt from the law, so it does still narrow the potential positions that this man could hold.

        • by MrKaos ( 858439 )

          This guy's record will follow him his entire life.That's pretty severe (and appropriate) punishment, in my opinion.

          Nope, his notoriety will increase, the criminal record will be ignored and once he gets through the hard times of the hooplah he will be paid even more.

          I say this because I have seen this *exact* situation before with a former colleague and it did wonders for his career. He basically did what everyone has thought about and paid for it - those types of experience carry value.

          • Nope, his notoriety will increase, the criminal record will be ignored and once he gets through the hard times of the hooplah he will be paid even more

            Reality is that he didn't do anything requiring any marketable talent. Anyone can go and smash up things. And it is clearly evident to everyone that his actions were caused by utter uncontrolled stupidity.

            You wouldn't give him a job as a taxi driver, because you'd have to fear that he smashes up all your taxis at any time.

      • by abulafia ( 7826 ) on Tuesday July 01, 2025 @05:42PM (#65489704)
        You appear to believe that increasing the severity of a threatened punishment "enough" will eliminate the sanctioned behavior.

        If that were the case, the death penalty would only be applied to the wrongly convicted or intentionally suicidal.

        This is because of two interlocking facts: (a) most criminals are not terribly rational, in particular they tend to have broken time preferences. And (b) many crimes like this are "crimes of passion" - e.g. being stupid because you're super angry.

        Making prisons more sadistic than they are now doesn't fix either of those things. You just make people more resentful and broken when they finally get out.

      • Restitution for criminal conduct generally can't be discharged via chapter 7. This is different from civil liability.

    • by Anonymous Coward
      This case shows exactly why centralized systems are fragile. When one insider can destroy critical infrastructure with a few keystrokes, the problem isn’t just the employee, it’s the architecture. Blockchain offers a fix by designing systems where no single actor has unilateral control and all actions are transparently verifiable. This kind of structural resilience reflects both the collective safeguards envisioned by communism and the trustless integrity proven by bitcoin.
      • by slaker ( 53818 )

        A zillion years ago, I had a contract position at Disney. But I was a temp worker, so they didn't give me a desk. Or a phone. Or a PC to use. Or any official way to check my e-mail. But somehow they DID give me Forest Admin credentials for their ENTIRE Active Directory.

        I was there for six months and when the full time replacement admin finally showed up, they had armed guards escort me out. My replacement let me know after the fact that someone done fucked up setting up my user account. I could've fucked th

    • by Bahbus ( 1180627 )

      You know who else doesn't seem to learn? All these companies with shitty IT policies who don't know how to secure their networks appropriately. There is at least one of these stories every year.

  • I don't understand what his end goal was. He had to know they'd know it was him. It just seems incredibly short-sighted to be that vengeful.
    • Re:...but why?? (Score:5, Insightful)

      by Knightman ( 142928 ) on Tuesday July 01, 2025 @04:01PM (#65489560)

      People who are vengeful are often also not very rational in that emotional state, history is littered with examples of this and they seem incapable of extrapolating the consequence of their shortsighted actions. In this case, the dude's rampage came about because he was suspended from work which indicates he had already generated a fair amount of "friction" at his workplace.

      • by mjwx ( 966435 )

        People who are vengeful are often also not very rational in that emotional state, history is littered with examples of this and they seem incapable of extrapolating the consequence of their shortsighted actions. In this case, the dude's rampage came about because he was suspended from work which indicates he had already generated a fair amount of "friction" at his workplace.

        A better question is "why are so many employees irrationally vengeful"?

        I suspect we all know why but don't want to admit that the way the US allows employers to treat employees is horribly broken. Much easier to pretend they're just "wronguns" and offer thoughts and prayers for the quarterly results.

        • Sure, but a vengeful action that makes a person's situation worse is stupid regardless of what led up to it or how shitty the employer is. There's no rational reason at all for anyone to sacrifice themselves on the alter of shitty employers, especially since shitty employers tend to make sure they get their pound of flesh with some extra sprinkles on top.

    • Re:...but why?? (Score:5, Interesting)

      by EvilSS ( 557649 ) on Tuesday July 01, 2025 @04:19PM (#65489582)
      I ended up involved in a similar case as a consultant. Admin was let go and I advised at the time that they consider forcing an across the board password change (This was one of those places where the admins would just ask users for their passwords when troubleshooting with them so they knew a bunch of user account creds). They declined. I was called back a week or so later when stuff started breaking. The old admin offered to come back and "consult" to fix the issues, for a decently high rate of course. He thought they would be grateful and he would make some extra cash off of his revenge while he looked for a new job.

      Unfortunately for him I noticed some oddities with how things were broken and started digging. He ended up pleading guilty in federal court.
      • Yeah those were the days. More than a decade ago I worked for a company that had an IT services business. They had a single administrative account that they used everywhere. All the IT staff, and many others, knew the password to this account. When I pointed out this security problem, they wanted to change it but couldn't, because it was hard-coded in so many places, and used in so many interconnected services, that changing the password would have brough down their entire operation.

      • by AmiMoJo ( 196126 )

        Kinda happened to me when I left one company. I documented everything, but they couldn't find a replacement before I left so there was no in-person hand-over. Ended up doing a bit of consulting work to get them up an running again with things I was maintaining. Not malicious, they just didn't have anyone else with the right knowledge/skills to take over. I don't think they realized how much I was doing, how complex the systems were.

        • by EvilSS ( 557649 )
          I've seen that happen plenty of times. It's usually a case of "So-in-so did that" being the answer to every question once they left or where laid off and yea, the bosses never realized it.
  • Reputational damage? (Score:5, Informative)

    by smooth wombat ( 796938 ) on Tuesday July 01, 2025 @04:20PM (#65489584) Journal

    If the company didn't rescind his credentials immediately upon firing, that's all the reputation you need to know.

    This is basic security practice taught in every 100 level IT security course.

    • by Tony Isaac ( 1301187 ) on Tuesday July 01, 2025 @05:06PM (#65489652) Homepage

      He wasn't fired immediately, he was suspended, and did the damage will still an employee.

      • by grasshoppa ( 657393 ) on Tuesday July 01, 2025 @08:25PM (#65490090) Homepage

        ...doesn't negate the question; why wasn't his account disabled? A suspended employee has no reason to access secure systems, this should be the default.

        I'm having a hard time imaging a reason for suspension that wouldn't necessitate the need to disable his credentials.

        • Suspension is done with the assumption that the employee is coming back. At that point, they would have all access restored anyway. If the offenses were so severe that they would necessitate terminating access, they should just fire the employee. If they don't fire the employee, they have to continue to trust the employee, sooner or later.

          • Suspension means the employee isn't performing their job duties; hence they don't need access to the system. Same thing applies, admittedly to a lesser extent, to when admins go on vacations.

            On top of that, suspensions are not done with the assumption that the employee is coming back; it's more of a "get the person out of here NOW while we build our termination case" type of thing. Suspensions are almost always for ethical reasons, which is precisely the type of person who shouldn't have access, and there

            • Find, you can look at suspension however you want to, but that's not how companies see it. It's not customary to cut off access to suspended employees, and certainly not employees who go on leave, at most companies.

              As we can see here, disabling his credentials was clearly called for, so between yours and my perspectives, which would you say is more correct?

              This is an egregious and unusual case. It's news because it's unusual, ordinary suspensions don't make the news because they are boring. So this case does not prove the rule.

              • That is how companies see suspensions, at least competent ones. And here, with this story, we see WHY.

                But by all means, continue to believe otherwise in the face of contrary evidence. My contracting rates are very reasonable ( considering the alternative of course ), so it's in my best interest that more companies think as you do instead of following my advice.

                • And here, with this story, we see WHY.

                  This is an attempt to prove the rule, by citing an extreme case. This case is *not* typical, but rare. You completely ignored that crucial point.

                  You don't build your house with bullet-proof glass, despite the unlikely, but non-zero, probability that someone would shoot through them. You build your house to withstand risks that are probable enough to justify the expense.

                  The probability of a rogue employee will sabotage your company's entire operation, even an employee that is fired for cause, is remote, thou

                  • Of course you design your policies and procedures to protect against rogue employees, particularly in IT and especially with admins who have greater levels of access.

                    Suggesting otherwise exposes your own ignorance as to how IT security operates in companies ( or how it's supposed to ). Everywhere I've worked, suspended employees were treated as terminated as far as their access to resources were concerned ( up to and including email ). Most places would ask you to tell them if you were traveling out of co

                    • Your personal experience with employers is not representative. It certain differs from mine.

                      Like anything else, security is a cots/benefit question. You put your family at risk of bullet strikes, by not having bulletproof glass windows on your house and car. Why don't you do it? Too expensive.

                      Many, especially smaller, companies, have more lax security policies because they are expensive, and because they trust their people. Implementing rigid security policies costs time and money, neither of which are avai

          • Suspension is done with the assumption that the employee is coming back.

            That's often not true. Suspension can often be done as part of an investigation where there's a suspicion that someone has done enough to be fired but the evidence isn't yet clear enough. The assumption is that, if the suspicion is confirmed they will be fired. Moreover, is has to be a suspicion of something potentially serious otherwise they would be allowed to continue work.

            • Suspension by definition means that there is not enough proven cause (yet) to fire the employee. If there were, they would fire the employee without a suspension. So suspension doesn't assume either that the employee is, or is not, coming back.

              In this particular case, the company would have known at the beginning of the suspension, whether they planned to fire the guy or not. They would have known whether it was a formality or whether they were really trying to rehabilitate. The fact that they didn't disabl

              • In this particular case, the company would have known at the beginning of the suspension, whether they planned to fire the guy or not.

                I don't find that clearly in either TFA or even the articles linked. How do you know that? I didn't see something clearly stating why he was suspended or wheter they were sure.

                As far as the rest, et me just rearrange a little what you said.

                The fact that they didn't disable his credentials, implies that they thought he was coming back.

                however suspension doesn't assume either that the employee is, or is not, coming back.

                Even if you are pretty sure he's coming back after suspension, you can't actually ever be fully sure. The employee might just get resentful at what they think is unfair treatment and leave anyway. I might deliberately leave something open to see what they do, but I would

                • My question is simply, if they didn't intend to reinstate him, why *didn't* they disable his credentials?

                  You are also right, why didn't they do so regardless? That's a good question. But if they did intend to fire him, they would very likely have immediately disabled his credentials.

        • ...doesn't negate the question; why wasn't his account disabled? A suspended employee has no reason to access secure systems, this should be the default.

          I'm having a hard time imaging a reason for suspension that wouldn't necessitate the need to disable his credentials.

          Totally agree about this. There's another way of thinking about it. These are your colleagues, possibly even friends. You have no idea what stress they have been under. Maybe they have some disease in the family or financial problems. Maybe they are under major stress. They may not be thinking straight. They might go home and have their partner scream at them about being useless. It might be int he middle of some kind of mental breakdown that they go crazy and damage a system they would never do anything ba

  • by PPH ( 736903 ) on Tuesday July 01, 2025 @05:44PM (#65489712)

    ... to screw over the company, he should have purchased an enterprise VMWare license. And then negotiated a cloud contract with Oracle.

    [Saw this posted elsewhere]

  • My guess his financial asset capacitor is going to get discharged in a civil proceeding. The guy might be walking around with no shirt afterwards, if you know what I mean.

  • Side #1: You felt slighted. Disrespected. Unappreciated.
    You lose your temper. Do something of questionable judgement. Momentary satisfaction as you see them scramble to replace you.

    Side #2: You still have to work there. It sucks because you kinda liked the guy causing all the problems. You understand his reasoning, but you're trapped because you're definitely not in a position to do something similar. So you save your own ass.

    I see both sides. The corporate money usually wins. An unfortunate fact of
    • But I don't dismiss the disgruntled employee's claim.

      What claim is that? There's nothing in TFS or TFA that indicates the ex-employee has attempted to justify his behavior at all.

      Additionally, you missed...

      Side #3: You've known the guy was an immature ass for quite some time, and warned your superiors that best practices dictate every bit of access he had should be rescinded right away and every password he had access to be changed immediately - but they neglected to act.

      • What claim is that?

        You fired the "immature ass" and left him in full control of passwords etc. What did you expect? It's the classic case of expecting professionalism while not projecting professionalism. They don't give a fuck about this guy. Why should he give a fuck back?

  • How he got terminated LOL

It's time to boot, do your boot ROMs know where your disk controllers are?

Working...