redditmemory
link Fired NY credit union employee nukes 21GB of data in revenge
Bobzyurunkle:

I work in data recovery. They got off lucky with only a $10k bill. She didn't do that good of a job to get it back for so cheap. Consider it at a cost of $0.50 a document.

Just opens up doubts about the companies IT security policies. There's a reason corporations won't do success story testimonials for us. It exposes their shortcomings needing a data recovery company to help them out of a jam.

Edited to add: I'm getting a ton of messages asking if it's just as simple as using the undelete command. Perhaps it might be but they also need to get data verified and rebuilt it some cases, Just this act alone falls under a forensic category. A certified technician will have to perform this work and be able to testify about the work in a court of law. This costs money for expertise and some yahoo working from his basement using simple commands to undelete data doesn't fly. There is certainly more to the story that we don't know about.

CAPSFTWLOL:

The wiped included files related to customers' mortgage loan applications and the financial institution's anti-ransomware protection software

I'm not sure if they are referring to documentation about the ransomware software or the applications files themselves but why in the fuck would files related to ransomware protection software be stored on a shared directory that a part time employee can access? Only certain members of IT should be accessing that info. This company sounds like dogshit.

zaxmaximum:

I manage the IT needs of a number of companies. The first expense is the hardware and software licensing, the second cost is proper disaster recovery.

If a company won't invest in DR, I won't take their contract.

OkLycheeGuy:

Five days later, on May 26, she also told a friend via text messages how
she was able to destroy thousands of documents on her former employer's
servers, saying, "They didn't revoke my access so I deleted p drift
lol. [..] I deleted their shared network documents."

Yeah don't brag about your crimes bro

tinwhistler:

Even though a credit union employee asked the bank's information technology support firm to disable Barile's remote access credentials,that access was not removed.

Sounds like another firing is warranted.

colin8651:

"An insider threat can wreak just as much havoc, if not more, than an external criminal.”

Yeah, but they were fired. A big rule in bank IT security is you don’t leave accounts active for users who should not have access to confidential data. They weren’t and insider, they were fired days before.

The blame goes in two directions here. Them deleting the files doesn’t magically absolve you of any wrongdoing. This isn’t some Russian hacker, it was caused by a person with enough knowledge to have no idea the incident will point directly back at them.

0xD153A53:

HR needs to re-evaluate their protocol.

Revoke credentials THEN fire the person.

SubstantialClass:

They left the passwords open? Isn’t that negligence?

dreadfulwater:

Any company worth their salt disables accounts before the termination. That's what happens when you off-shore your shit.

blatsnorf:

Her petty revenge not only created a huge security risk for the bank

No, the bank's shitty security was the huge risk and it was exploited. Quit shifting blame. If I banked with this institution I'd be immediately closing all of my accounts.

297 days ago source link