The ex-employee, Dong Chul Shin, was fired from the company March 3 for performance reasons, and escorted off the premises, according to court records. But the company failed to immediately shut off his VPN access. That afternoon, someone using Shin’s account began logging onto the corporate network, e-mailing out proprietary data to a personal Yahoo account linked to Shin, and modifying and deleting files, according to a search warrant affidavit by Dallas FBI agent Robert Smith.
The Comanche Peak nuclear power plant in Texas.
Company logs showed that the VPN connection originated at Shin’s home IP address, Smith writes.
Oh yeah, that they were “the” inside threat. Well, case in point. These jokers walked him off premises but did not kill all his access. Gee, go figure that a disgruntled employee with intimate knowledge of the network would actually use their access to do something bad! Even more of a surprise that a company would not kill all their access right away.
Yeah.. Sorry to say that this is more prevalent than one might think. Good thing this guy didn’t do more damage.