Tip: When Leaving Your Job At An ISP, Don't Cancel All Its Customer Accounts

from the just-a-suggestion dept

It’s no surprise that people who are leaving their jobs (especially to go work for a competitor) may have a certain dislike for their ex-employer — but it’s still amazing that people don’t realize that attacking them isn’t a particularly good idea. A former employee of a wireless ISP in Utah apparently logged back into the computers of his former employer (shame on them for leaving access open to the guy) and cutting off customer accounts by reprogramming customer access points. There are plenty of cases detailing similar attacks on former employers — but it’s amazing that these people don’t expect to get caught. In this latest case, not only was the guy caught, he’s now been sentenced to two years in jail. Still, there are some oddities here. Apparently after the guy turned off service for these customers, it took up to three weeks to reprovision some of them. That seems like an excessively long time — though, if the company left their computer network open to a former employee who left on bad terms, perhaps they weren’t the most technically savvy ISP out there.

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Tip: When Leaving Your Job At An ISP, Don't Cancel All Its Customer Accounts”

Subscribe: RSS Leave a comment
NSMike says:

Not Uncommon.

I worked for an ISP for a short while, and a former disgruntled employee was able to log back in and effectively kill our e-mail servers. Of course, this was an ISP in name only, probably much like this one in Utah. Basically some other company provided REALLY cheap service to us, and we re-sold it to our customers. Our tech guy knew nothing about security, there were holes in the billing system so large that anyone could’ve easily retrieved the passwords of the most important people in the company. Although, calling it a company is a little too much credit. It was run out of a house.

AC says:

3 weeks not surprising

It said he reprogrammed the access points. If you have network access and use it to trash the configuration of the client hardware it can be done very quickly. It would the require site visits or walking the customer through the configuration to bring it back up.

Its easy enough to screw this up by accident when making simple changes, so it would be VERY easy to do intentionally.

misanthropic humanist says:


I think what this guy did was lame. I think what the guy did was morally wrong.

But I think handing him a prison term of 2 years is more wrong, a greater crime than either his actions or those of the employer that fired him (assuming it was an unfair or malicious dismissal).

When crimes against property are punished more severely than crimes against the person we are in danger of losing the legitimacy of our justice system. But when crimes against *abstract* property are punished more severely than crimes against tangible property or the individual, well then I can’t see how anybody can maintain respect for the law.

In a civillised society he would get 100 hours community service and a lasting conviction that would make working another ISP very hard.
In America, where 1/30th of the population are in prison, he is now entering a penal system that will expand his exposure to criminal mentality, cultivate his grudge against society and ultimately place him at greater risk of reoffending.

The purpose of a criminal justice system is primarily to protect society, not to punish the individual. In the USA they seem to have it the wrong way round. The authoritarian mentality is a pathology that is counterproductive in every case.

HateLiberalMentality says:

Re: Liberal Attitude

This guy got what he deserved. He knew what he was doing was wrong, but he thought he would either a) get away with it or b) not get punished.

People learn to take responsibility for their actions. Jail time for behaving like a child and defacing a company will give him time to think about becoming an adult.

Mot Nosnews says:

Re: disproportionate

>But I think handing him a prison term of 2 years is more wrong, a greater crime than either his actions or those of the employer that fired him

The is like the old anecdote, when a guy was complaining about the unfairness of being hung for stealing a horse.

The answer was “You are not being hung just for stealing a horse, you are also being hung that others will not steal a horse.”

david says:

Re: disproportionate

BUZZZ!!! WRONG!! The point of the the criminal justice system is to deal with those who commit or are accused of committing acts against individuals and society that have been deemed to be crimes.

And the point of the penal system is to rehabilitate criminals, not punish them. If sending someone to a prison increases their risk of reoffending there is a problem with that particular prison, because that was certainly not the idea when they were put in place.

Forming a group of words in an intelligent manner does not make the point of the formation correct. Try enrolling in Criminal Justice 101 before you attempt to theorize on the criminal justice system.

erica (user link) says:

Wrong and teaches a lesson

I agree that it was wrong and morally wrong. I also think this is an opportunity for this company and others to see when terminating an employee to terminate the account and change passwords for crtitical measusre as this.

There *should* be a method and proceedure in place for all companies no matter how big or small.. with a checklist to go down, passwords to change and accounts to disable upon termination.

Most employees *do* know more than their own account and password.. even if they are not supposed to know others. Maybe others will learn from this and prevent it from happening in their company so easily when they terminate an employee

The infamous Joe says:


Two years jail plus 3 years probabtion plus $65,000. Serves him right, too.

In this day and age, email is just an important method of communication as any other– not to mention that in all reality, he took it out on the company’s customers, not on the company. That makes him an asshat in my book. To make it even more fun, the man seems to have left to start his own company– so I have a feeling this wasn’t revenge, but instead a way to knock out his competition– even more asshattery taking place right there.

As for crimes against abstract property– well, he gained access to a computer he had no rights to access (the fact that he had his own password doesn’t matter– just having a key to your house doesn’t give me the right to enter it) and that is a serious crime to me– how much personal information can be found on a computer? A business computer? He showed a complete disregard to who he would affect by his actions.

Two years? That seems fair. Next time slash the boss’ tires like everyone else.

misanthropic humanist says:


“Two years? That seems fair. Next time slash the boss’ tires like everyone else.”

And when his front wheel blows out on the fast lane and he dies, along with the family in the oncoming vehicle that he hits – then what?

You see, your reply merely confirms that there is no sense of proportion
in our world today, we have totally lost the ability to take measure of things because of disproportionate violence sanctioned by the state
and the encouragement of agressive behaviour.

Bill says:

I did something ....

I did something similar when I was left off from a small ISP. But I had been sending e-mails to my former boss telling him to change the passwords. He never did.
I didn’t want to be held responsible if something really bad happen so I set one of the servers to back up every hour on the hour. I know this caused headaches for some of the clients but it got the company to change the passwords the next day.
Needless to say this company is no longer around and this was back in 2001 but just goes to show things haven’t changed.

The infamous Joe says:


We’ll ignore the fact that no one is going to drive his car with a slashed tire– unless slashed means something different than what I thought it did.

Speaking of sense of proportion, do you feel that what this guy did ws proportionate to the ‘money issues’ he was having at his old job? I don’t think it has any bearing anyway– he got off light, as the law allows. The max time for first offense is 10 years. (20 for second) and the reason it’s so large is because it’s related to the Patriot Act. (It doubled them)

What I’m trying to say is, if we let the guy off with a slap on the wrist, the terrorists win. ๐Ÿ˜‰

misanthropic humanist says:

Re: Rims

“do you feel that what this guy did was proportionate to the ‘money issues’ he was having at his old job?”

No Joe I don’t. I already said in so many words that I think the chap was a prick.

“anyway– he got off light, as the law allows. The max time for first offense is 10 years.”

No he didn’t, not in my opinion. The very fact that such harsh laws exist is something you should be utterly ashamed of. I realise we differ there, but perhaps you need to look at why you feel so vengeful and who that is really directed against.
And how do you square that with a fraudster from the Enron company whos embezzlement of millions of dollars results in
a cautionary ruling? Using your logic of arbitary justice do you think it would be acceptable for a cop to shoot a member of your family for looking at him cockeyed?

“and the reason it’s so large is because it’s related to the Patriot Act.”

I really can’t take you seriously if you are going to quote that comic instrument of oppression. But from your last quip, I suspect deep down you do actually understand, but you’re playing up to a role because you don’t have the guts to speak up and say “No, enough! I find this unnacceptable in my country” That would be the patriotic thing to do. I think the authoratarian mind is bizzare, but understandable – you want the law to be harsh because you feel vulnerable and you want to be protected by something strong. That is just latent fear an immature lack of personal responsibilty. Strong people not only set their own high ethical standards, they live up to them without appeal to authority. At least after they leave school.

btw, slashing a tyre can be a pretty dangerous thing to do, people lose fingers and eyes (because of the very high pressures)

Anonymous Coward says:

Re: Re: Rims

A lot of excellent insight there. I agree with all of it, but it misses the bigger point. Once everything is illegal, then the Almighty self-righteous will be able to forgive their friends and punish their enemies whenever the whim hits them.

The war on drugs is the most visible example, but still ignored by the press and public here.

Painful and costly as it was, I think some day historians will look back at 9/11 and see it as a turning point that led the US Congress to eventually conclude that they can not pass laws they they expect the whole world to follow: War on Drugs, copyright, digital rights management, on-line gambling and many others are still issues. Once those are properly addressed, fewer people will despise me when I am visiting them in their countries.

All that said, the UK is still too “civilized” for me…. and yes, that was a “Zed’ ๐Ÿ™‚

Anonymous Coward says:

Re: ah, of course

I think the reality is that we now live in a society that is geared far more toward money and corporations than individuals. It’s the reason why in so many countries crimes like rape, drunk driving (even if you kill multiple people), paedophilia etc. the punishment is often much, much leaner than crimes committed against a company where no damage other than monetary loss has occurred.

The Dukeman (profile) says:

Re: ah, of course

The difference is simple: being found out. “a) Getting away with it” means not being found out, as well as including “b) not getting punished.” “A” necessarily includes “B”, but”B” does not necessarily mean he wasn’t found out. It just means he wasn’t (or wouldn’t be) punished.

christian (user link) says:


security security security…

there are alot of companies that do not take security seriously which is a huge mistake..in any case, smaller and mid-sized companies need to look at incidents like this, and realize YOU ARE ALL VULNERABLE..

you need to create a budge and a plan for securing your network, systems, and most importantly overall, YOUR BUSINESS!

what the guy did was wrong, but it serves the isp right for overlooking such a critical issue in todays society..

security will make or break you or or business..remember that..

Keith Dsouza (user link) says:

Think about customer security

Well this is really foolish on part of the ISP too, they should get sued too by their customers.

I mean when your approach towards an employee who is leaving is so lax think about the security they may provide for their customers.

I as a part of my role I play at my company apart from the best wishes I give to my leaving colleague (however closely i know them), first ask my system admin to cancel all accounts they held for company purposes including the company email account.

If i would have been a customer of that ISP I would have sued them first.

misanthropic humanist says:


“And the point of the penal system is to rehabilitate criminals, not punish them.”

correct, as I said

In fact there are FOUR (4) functions of a criminal justice system.

i) protect society
ii) provide a deterrent
iii) provide a sense of justice to the victim
iv) rehabilitate the individual

Read what I wrote before jumping in with your eager desire to contradict me. You missed the word “primarily”. Go back and read it again.

“Forming a group of words in an intelligent manner does not make the point of the formation correct.”

And you’ve given a proof. Stop trying to be clever, because you clearly cannot even read.

Ralph says:

thats why

@ years in prison his life is ruined forever
Might just as well went into his company with a gun and killed everybody
when that happens now you know why .

Good luck at your job.

America the prison country

Thats why so many people hide in there house afraid to go outside
its the police they are scared of not crime

Iknow lots of people who go to prison

Not one victim of crime.

Donald McDaniel says:

Re: thats why

Considering that the victims of this man’s thoughtless and criminal acts probably cost the ISP’s customers hundreds of thousands of dollars (at minimum), as well as the ISP losing millions, in addition to the trust of its customers, the sentence against this criminal was mild.

This man chose to do what he did. He knew the consequences of his criminal acts. Yet he went ahead and committed his crimes anyway.

How about a little consideration for the VICTIMS rather than the PERPETRATOR?

By the way, the victims of violent crime DO “go to prisons” of the perpetrator’s making, until justice is served. The results of such crimes leave their victims in emotional bars not of their making, which can bind them for years…much longer than the two years this dufus got. In some cases, the monetary damages to the victims last for much longer than 2 years.


Start considering what these crimes do to the victims, rather than what they do to “American Prisons”.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop ยป

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...