Reminder: Shut down access when IT staffers leave the company

Unhappy IT staffers can do a lot of damage – especially if they’re allowed to continue accessing the company’s network after they quit or get fired.

Jason Cornish recently pleaded guilty to crippling the network of his former employer, a Japanese pharmaceutical company with branches in New Jersey and Georgia.

Cornish worked in the company’s IT department until he resigned after a dispute with a member of management. After the resignation, he was temporarily used as a consultant by the company.

After a friend of his was laid off by the company, Cornish allegedly used his access privileges, which hadn’t been revoked, to take revenge. In February, according to cour documents, Cornish used legitimate access codes to log in to the company’s network and delete the contents of 15 virtual servers, Wired reports.

The hack allegedly resulted in $800,000 worth of damages. Cornish was caught after police traced the log-in activity to a McDonald’s near the company’s Georgia office, where Cornish had made a credit card purchase around the same time. He faces a maximum of 10 years in prison and a $250,000 fine.

To prevent a similar sabotage from current or former IT staffers, experts recommend companies:

  1. Always give staffers the least amount of privilege possible
  2. Monitor changes made to privileges and access rights, and
  3. Immediately revoke admin rights when staffers are terminated.