Stories
Slash Boxes
Comments

SoylentNews is people

Angry IT Admin Wipes Employer’s Databases, Gets Seven Years in Prison

posted by hubie on Wednesday May 18 2022, @07:19PM   Printer-friendly
from the hell-hath-no-fury-like-a-sysadmin-scorned dept.

upstart writes:

Angry IT admin wipes employer's databases, gets 7 years in prison:

Han Bing, a former database administrator for Lianjia, a Chinese real-estate brokerage giant, has been sentenced to 7 years in prison for logging into corporate systems and deleting the company's data.

Bing allegedly performed the act in June 2018, when he used his administrative privileges and "root" account to access the company's financial system and delete all stored data from two database servers and two application servers.

[...] Surprisingly, Bing had repeatedly informed his employer and supervisors about security gaps in the financial system, even sending emails to other administrators to raise his concerns.

However, he was largely ignored, as the leaders of his department never approved the security project he proposed to run.

This was confirmed by the testimony of the director of ethics at Lianjia, who told the court that Han Bing felt that his organizational proposals weren't valued and often entered arguments with his supervisors.

In a similar case from September 2021, a former New York-based credit union employee avenged her supervisors for firing her by deleting over 21.3GB of documents in a 40-minute attack.

Anyone have stories of any interesting employee departures that they have exprienced?

Original Submission

 
This discussion has been archived. No new comments can be posted.
Angry IT Admin Wipes Employer’s Databases, Gets Seven Years in Prison | Log In/Create an Account | Top | 37 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 0) by Anonymous Coward on Thursday May 19 2022, @09:46AM (1 child)

    by Anonymous Coward on Thursday May 19 2022, @09:46AM (#1246197)
    Even if they had backups a stupid[1] nutjob like him could still find an excuse to delete them.

    In most companies even if they have separate people involved in sysadmin and handling of backups the sysadmins would still know ways to destroy the backups. There are certain backup systems in my company I'm not in charge of but I still know where the stuff is.

    [1] Even if you hate the company that much and are willing to do something unethical, you don't do the deed yourself - you get someone else to do it. If some outsider can't do it even if you expose info to them (that has no links to you - e.g. not your ID and password) then maybe the company's systems really aren't that insecure? In which case the company's biggest security problem was him. And to fix it he should have resigned and got a job in a different industry.

  • (Score: 2) by RS3 on Thursday May 19 2022, @03:34PM

    by RS3 (6367) on Thursday May 19 2022, @03:34PM (#1246285)

    Proper backup includes making multiples, and also includes some kind of physical media that is removed from the site and stored by a 3rd-party company in a secure vault.

    Even in a small company, corporate principals (CEO, president, VP, secretary) should keep copies in a small safe or fireproof strong box, at home, bank safety deposit box, etc.