CNA reports:
Singapore: Upset that he was fired, an employee accessed his former company’s computer test systems and deleted 180 virtual servers, costing them about S$918,000 (US$678,000).
Kandula Nagaraju, 39, was sentenced to two years and eight months’ jail on Monday (Jun 10) for one charge of unauthorised access to computer material. Another charge was taken into consideration for sentencing.
According to the news report, his last official date of employment with NCS was November 16, 2022. He subsequently accessed the test system on six occasions between Jan 6 and Jan 17, 2023 once again in February, 2023, and then 13 times in March 2023. On March 18 and 19, he ran a script that deleted all 180 virtual servers in the system one at a time.
Read more at CNA.
How did he still have access?
Nagaraju reportedly accessed the system using administrator login credentials. Were his login credentials terminated when his employment ended? How was he still able to gain access months after his employment ended? And why didn’t NCS detect 180 virtual servers being deleted one at a time over a two-day period?
Perhaps NCS was not particularly concerned about what they describe as a standalone test system without any sensitive data on it, but this incident was still costly for them. It also serves as a useful reminder to promptly terminate access credentials for employees whose employment has ended.
h/t, Risky Biz News