Sounded like he had a chip on the shoulder.
A man has pleaded guilty to hacking low-cost airline Jet2, including an attempt to compromise the CEO's email account. Scott Burns, of Queen Street, Morley, Leeds, had been charged with eight crimes under the Computer Misuse Act (CMA) 1990. The 27-year-old, formerly an IT project manager working for Blue Chip Data Systems, …
"And then follow up with a career as an IT security consultant as several others have done."
He could end up as a lawyer and/or mayor of New York. He has a background in IT so would never make a good IT security consultant.
Eerr. Fail on your part and Jet2's. I think they meant to say no Customer's personal data was accessed. By definition an email address is personal data, and at a minimum he had that for every account he hacked, and probably a lot more besides from being able to scan the mails in those in-boxes.
A breach of employee's data privacy is treated in exactly the same way as a breach of customers data privacy under GDPR - it makes no distinction between the two from a regulatory enforcement perspective - there might be different risk mitigations/justifications put forward though...
And found that there were connections to the email account from unexpected sources?
As others have said, there seems to have been no attemp to exploit the access for gain.
Just someone making themselves feel special because they have secrets?
If so, sad rather than dangerous.
Biting the hand that feeds IT © 1998–2020