The Enemy Within: Disgruntled IT Employee Trashes Payroll Records And Could Get 10 Years - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
IT Leadership // CIO Insights & Innovation
Commentary
10/12/2007
12:57 PM
Bob Evans
Bob Evans
Commentary
50%
50%

The Enemy Within: Disgruntled IT Employee Trashes Payroll Records And Could Get 10 Years

Just when you thought your to-do list already was too long comes the news that a disgruntled IT worker who had bungled his resignation process was convicted of later hacking into and wiping out the company's payroll and personnel files. So we must ask: How prepared is your team for locking out employees in transition?

Just when you thought your to-do list already was too long comes the news that a disgruntled IT worker who had bungled his resignation process was convicted of later hacking into and wiping out the company's payroll and personnel files. So we must ask: How prepared is your team for locking out employees in transition?It's a bizarre story, but one that offers a two-by-four-across-the-face lesson for IT execs who think they've already got more than enough to worry about. Because just as we've all had to deal with software that does unexpected and unpleasant things, we also see lots of equally baffling developments that underscore the need to be on full alert for unpredictable and sometimes-destructive behavior from humans as well as from code.

According to our sister site Dark Reading, an IT guy looking to resign failed to complete some required paperwork and therefore was not eligible for his final paycheck. And so he took it out on his employer.

"[Joseph Patrick] Nolan, a 26-year-old IT worker, resigned from Pentastar on Jan. 15 of this year, according to court documents. He was told that he would not have to work during the two weeks' notice he had given the company -- as long as he signed a separation agreement by Jan. 26, which he failed to do. On Jan. 30, Nolan called Pentastar's human resources department, inquiring about his final paycheck. Nolan was told that he would not receive the check, because he hadn't signed the separation agreement. On Feb. 1, the disgruntled Nolan gained unauthorized access to Pentastar's computer systems and effectively obliterated a drive that contained all of the company's payroll and personnel records, according to court documents.".

Pentastar had to spend about $30,000 to repair the damage caused by Nolan, according to the news story written by Dark Reading's Tim Wilson. While that's not a staggering amount, Nolan's actions nevertheless put the company at huge risk to having those highly sensitive files made public or sold to spammers and phishers and other gutter-lickers. And the company no doubt has had to spend -- and will probably continue to have to spend -- inordinate amounts of time and money to deal with very legitimate employee concerns that their highly sensitive personal information is not at risk to future exposure.

Clearly, the blame for this act falls 100% on the shoulders of Nolan: as the court documents show, he simply failed to sign a document that would have given him two weeks' pay. But where does the responsibility lie for securing the company's systems so that an ex-employee with an ax to grind couldn't gain access to confidential company information? Is it the CIO, for not enforcing appropriate security measures across the company? The HR department, for not escalating the potential problem at the time the disagreement arose? And since that ship's already sailed, perhaps the more-important question is this: How locked-down are your systems from the enemy within? Join the Dark Reading discussion.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
News
How to Create a Successful AI Program
Jessica Davis, Senior Editor, Enterprise Apps,  10/14/2020
News
Think Like a Chief Innovation Officer and Get Work Done
Joao-Pierre S. Ruth, Senior Writer,  10/13/2020
Slideshows
10 Trends Accelerating Edge Computing
Cynthia Harvey, Freelance Journalist, InformationWeek,  10/8/2020
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
[Special Report] Edge Computing: An IT Platform for the New Enterprise
Edge computing is poised to make a major splash within the next generation of corporate IT architectures. Here's what you need to know!
Slideshows
Flash Poll