back to article Men allegedly broke into computers of former employer

Federal authorities on Wednesday filed intrusion charges against two men accused of accessing the computer systems of their former employer. Scott R. Burgess, 45, of Jasper, Indiana, and Walter D. Puckett, 39, of Williamstown, Kentucky, both worked as managers for Indiana-based Stens Corporation until taking jobs with a …

COMMENTS

This topic is closed for new posts.
  1. sidney cook
    FAIL

    Oh come on!

    They should fire the whole security staff and the PFY of all. Ok maybe they did not get around to disabling their accounts for a few days, but two years latter? All companys that I have worked for disable or delete the account of any one leaving that day.

    Any other log in should be known by the system operator and security. They dont monitor remote log in's and use VPN to get into their systems?

    FAIL

  2. Crazy Operations Guy
    FAIL

    Wow...

    Where I worked, they would disable all your access as a way to tell you you are fired...

  3. Anonymous Coward
    Alert

    There's good practices, and there's reality...

    Some years ago, I was a senior net admin at a small business (i.e., <1000 employees). I had a terrible time convincing our HR VP to include IT in notifications of employee terminations--even after catching former employees logging in after they'd processed out. It nearly took going to one of the owners to get that accomplished. Insanely enough, our contracts officer saw no problem with ex-employees communicating with customers, as "since they are no longer employees, they can't make binding promises"!

    However, not my problem any more.

    netgeek

  4. Andrew_F
    Joke

    Re: They should fire the whole security staff

    Because what they need right now is more ex-employees with a full set of passwords!

  5. RyokuMas
    FAIL

    Stupidity gets...

    ... what stupidity deserves. And anywhere stupid enough not to have a regular password expiration policy deserves everything they get.

    Fail. No other possiblity, really.

  6. Eddie 4
    FAIL

    Silly people

    The last time I was made redundant (2002), all my access rights were deleted during my 'exit' interview. I was then escorted to my desk to retrieve personal belongings & then out of the building. Anything else seems strange to say the least ....

  7. Anonymous Coward
    Anonymous Coward

    (untitled)

    This story just doesn't make sense. Oh come on, remote access with old passwords, which when terminated still work on some other login credentials? What other remote access login credentials ? Not April the first is it ?

  8. This post has been deleted by its author

  9. Anonymous Coward
    Anonymous Coward

    Communication failure

    Terminating someone's access does not constitute firing; at least here all you'd have to do is show up for work each day to show you're willing to work and you could lob all sorts of legal nasties at your employer. Force him to pay you salary and eventually severance for starters, perhaps some more for making work impossible and intentionally creating a hostile workplace.

    I was the system administrator and I up and left for cause. Terminated all my access myself, no oversight. Pretty sure if I hadn't done it I'd still have some sort of access. Why do it? Because integrity is important to me, and it matters little to me it wasn't to them.

    Of course what these people did was clearly abuse, but then again, the company massively failed due diligence. If your keys get stolen you change the locks. Same with passwords.

  10. Bassey

    Priorities

    Whilst I don't condone what these guys did, they basically took advantage of someone else's incompetence to gain an (unfair) competitive advantage. I.E. they broke a technical rule.

    They face five years.

    A UK footballer, just last week, was convicted of sexually assaulting a woman and then punching her to the floor. Punishment?

    18 months

    Something is screwy!

  11. EasyE
    FAIL

    Why is this news?

    The article doesn't mention damage to former employer, so on the surface I read this as two miscreants taking advantage of an incompetent organization and prosecuted rather zealously. Why is this newsworthy again?

  12. JC 2

    Totally Irresponsible IT Dept.

    Good grief! There are two quite simple policies that take care of this sort of thing.

    1) Passwords expire. (Imagine that)

    2) Accounts are terminated before a person is told they are let go, or it's the first thing done after being notified of an employee resigning.

    These are THE most important security factors, not some hacker in Russia et al breaking into your server, not a viral outbreak, not which Windows patches were applied and when. Even surveys of the general population find an alarming % who admit they might trying to leave their present or former employer with company owned data.

    I just can't feel any sympathy for the former employer, odds are they tired to save a dime on IT personnel and it came back to bite them in the arse.

This topic is closed for new posts.

Other stories you might like