A man has been sentenced to 24 months in prison for hacking into his former employer’s network and causing significant damage.
Miklos Daniel Brody, 38, of San Francisco, worked as a cloud engineer at First Republic Bank until March 11, 2020, when he was convicted of downloading pornographic content to U.S. Dismissed.
That night, Brody used a work laptop that had not yet been returned to his employer to log into the bank’s network, causing an estimated $220,000 in damage.
According to a news release from the U.S. Attorney’s Office, Broidy deleted the bank’s code repository stored in the cloud, ran a script that deleted the logs, left “taunts” about former colleagues in the bank’s code, and passed on Impersonate other employees by opening sessions in the name of other employees.
In addition, Brody emailed himself proprietary code worth more than $5,000 that he had written while working at the bank.
In the days and weeks after filing, Brody attempted to cover his tracks by filing a police report claiming his company-issued laptop had been stolen from his car while he was working out at the gym. . He continued to stick to this claim even after being arrested in March 2021 and interviewed by U.S. Secret Service agents.
Broidy was sentenced to 24 months in prison for cyber intrusion and making false statements to government investigators. In addition, Brody was ordered to pay restitution totaling $529,266.37 and serve three years to begin upon his release.
Of course, all of this could have been easily avoided if Brody’s employer had implemented more secure offboarding procedures, such as ensuring that login credentials were changed or deleted entirely when someone left the company.
I’ve warned before about the dangers of disgruntled IT employees bent on hacking into their former employer’s computer systems.
Many times, when disgruntled employees find themselves fired from their company, they impulsively seek revenge.
Simply escorting someone off company premises is not enough. You also need to consider whether they have remote access to company systems and whether they have company-owned hardware and data at home.
Make sure you have strong defenses and only employees with the correct authorization have access to confidential or sensitive information and systems. When these authorized users are no longer authorized, their access rights should be revoked immediately.