Hacker Warned Former Colleagues Of Potential Layoffs

from the not-your-usual-hacking dept

Over the years, we’ve seen plenty of stories about former employees hacking into their former employer’s computer system and causing all sorts of problems, from deleting data to spamming people to downloading confidential information. However, the latest arrest in such a case is a strange one. A former executive at a publishing company, who had left the company three years ago recently hacked into the network, read some emails about pending layoffs and warned some former employees that they might be at risk of losing their jobs. He did it all anonymously, but it wasn’t that difficult to track the email and the network access back to him. Still, this seems odd. He clearly broke the law, accessing the network and reading private emails, but unlike most cases of bitter ex-employees getting back at their company, it seemed like he was just keeping an eye out for his former colleagues. Either way, can someone explain why the company left this guy’s ability to login open for three whole years after he was no longer with the company?

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Hacker Warned Former Colleagues Of Potential Layoffs”

Subscribe: RSS Leave a comment
Bri (profile) says:

System Administration

Looking at the publically accessible data on the company, I would hazard a guess that their IT administration is not up to managing the number of users that they have. It wouldn’t surprise me at all, as I’ve seen this all too many times while performing system administration duties myself, that HR (Personnel) doesn’t coordinate with IT. This can be an even more complex issue when it involves coordinating with remote locations which is also an apparent issue with Source Media.

One of the first changes I would suggest/make when assuming the duties was that all employees would be required to ‘check out’ with the system adminstrator prior to completion of termination or transfer along with all the other stops they would have to make. This improved access control, which was also reviews on a regular basis, as well as the transfer backup, and elimination of files on the server(s).

As with any security issue, it’s about process. If you don’t have the processes in place, you don’t have security and you end up as a poster child in the WSJ or Tech Dirt.

LightsOut says:

Re: System Administration

I totally agree with you, as a IT guy myself and there are leak of HR Personnel coordinate with IT when someone is leaving the company but in this case I believe is the current IT Director or Manager is to balance. You have a IT DirectorVP of Technology leaving the company which mean this person have access to all your data including network and servers password, maybe one or all of current Executives or employees. Therefore it is the responsible of the next IT Manager to enforce a policy to change all of the users password and most importantly your network and servers password.

They call this guy a HACKER which I doubt he is. If this guy actually access the company email by way of hacking, I believe they should fire the current IT Manager and the Network Admin. A good hackers do cover their foot print. A good hacker do know that their email can easily be track no matter where you send it from.

Another example; I still can get to my X-employer data…. and email….lol without hacking of course.

Sanguine Dream says:

Hold up...

Either way, can someone explain why the company left this guy’s ability to login open for three whole years after he was no longer with the company?

If his company identity was still valid and that is what he used to get in then it wasn’t a hack. Can’t have it both ways. Either the door was left open and he walked in or he forced his way in.

What bothers me is that I’m willing to bet that the company in question is more upset that he warned employees than they are over fact that he got in.

Anonymous Coward says:

Re: Hold up...

I disagree with you. If he was fired he knew that he was not allowed access to that network. Hacking by legal definition is the unauthorized access of a computer network. He knew he was unauthorized to access the network by his being let go. Thus he broke the law by hacking the companies’ network.

Sanguine Dream says:

Re: Re: Hold up...

Then I am corrected. It was my understanding that part of the definition of hacking was how the hacker got in as well as wheather or not he/she has authorization to access the system in question. Like if you invite me into your house for a party and I steal from you then I would not be charged with B&E just theft.

Anonymous Coward says:

Re: Re: Hold up...

There used to be a difference between the access to company offices in the middle of the night using a crowbar and walking through the door during business hours to drop a message or a package to a friend, even if you have been previously fired by the same company.

I am not very familliar with the legal aspects, but I think you would have to bypass some security mechanism (break the window, disable the alarm system) or refuse to leave after receiving a warning that you have no right being there, before you would be liable for this behavior.

The article talks about hacking but does not mention any specific activity. It would even be possible, that the information has been obtained from a mail being sent to an out of date mailing list and then forwarded to an external account or by using his (after 3 years still active) old company account to check his mail.

Nobody Special says:

how many accounts did he have?

I suspect that they turned off the main account he used. But that doesn’t mean that he didn’t have more then one account that was used. It would be very easy for him to have multiple access accounts and have them overlooked. At the same time, it is also possible that his main account was active.

He was guilty of “hacking” his way in by the very nature of connecting. And the article doesn’t say if he broke in or simply had an active account. At any rate, there is a good chance he would know a number of user names, and might know at least some of the people’s password schemes. Most people use a easily identifiable scheme for rotating their password.

Heh says:

Hacking in.

Last I checked, unless you have up a banner or something along those lines prohibiting login access (and informing the person that what they are doing is illegal) then it is not hacking. So unless the admins were smart enough to place that as a default on all email and servers, then I think this guy can beat it with a good enough lawyer.

I say this because by definition a Hacker is a person who gains “Unauthorized” Access to a system or series of systems. If there is nothing in place stating that the system is for Authorized personnel, then access is not restricted, even if there is a security mechanism.

-The Computer Fraud and Abuse Act. – read it sometime, as it is kind of funny and irritating at the same time.

(2) intentionally accesses a computer without authorization or exceeds authorized access, and thereby obtains–

Anyhow, if there is nothing in place telling him to the contrary, then he did not hack a damn thing, only wondered around and open system. It’s their fault should that be the case for not trying to let people know the authorization level of a system.

Chronno S. Trigger says:

Re: Hacking in.

so your saying that if I forcibly (or not) get into your computer its not hacking because you don’t have the banner? I think your mistaken. If your getting into a system that you need a password for you know if your authorized or not. If you have been fired then you know that your not allowed into the system if your password is removed or not. He’s an IT guy so he knows this

Solo says:

May I suggest you RTFA.

“He worked for Source Media, a company with 1,000 employees, between 1997 and his termination in 2003. He worked there, at different times, as both the director of IT and VP of technology. In those positions, he reportedly had access to the passwords for the e-mail accounts of Source Media employees.”

1) bad security policy is bad security policy. Nobody should have access to other people’s password. Having password available to anyone else but the user of the account is asinine. This is my guess how he *hacked* in the system.

2) real hackers cover their tracks. Even when being a good samaritan and warning a friend, you know there is a potential for backlash, especially when what you are doing is illegal. Best advice for people commiting a crime: don’t get caught, don’t leave fingerprints all over the place (or ip addresses, username/passwords or other bits of log that point back to you)

3) media like to spin banal abuse and bad computer security as hacking, just like now any flavor of credit card fraud is identity theft. Makes juicier headlines I guess.

willgetin says:

IT Director?

Interesting thing is…

This guy was the Director of IT. Obviously he was not at the top of his game when he worked there, or any possible methods of him gaining access would have been nullified upon his leaving the company. More than likely, he either left a couple of user accounts for himself available or used someone elses username and password.

Again, any IT director that has any business being an IT director would make sure that there was a) a password policy b) a Remote Access policy c) A Termination Policy.

Personally, this tells me that their current IT staff is negligent. The new IT director would obviously know that this guy left and that he would have access to the system and should have made changes to prevent this type of thing from happening.

I flip burgers, can I be your new IT guy? 🙂

bubba says:

“Hoffacker allegedly hacked into Source Media’s network on ‘various occasions.’ He worked for Source Media, a company with 1,000 employees, between 1997 and his termination in 2003. He worked there, at different times, as both the director of IT and VP of technology. In those positions, he reportedly had access to the passwords for the e-mail accounts of Source Media employees.”


Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...