Rogue IT worker gets seven months in prison over $200,000 digital rampage — technician changed all of his company's passwords after getting suspended

Ex-employee cyberattacker sentenced
(Image credit: West Yorkshire Police)

A suspended IT worker caused at least $200,000 of damage in an act of revenge upon his employer, according to a press release published by the West Yorkshire Police, in England (h/t The Register). The report indicates that Mohammed Umar Taj went on a digital rampage following his suspension from work. Employer-hostile acts included altering login credentials and disrupting the company’s multifactor authentication (MFA) systems. Taj was sentenced to seven months and 14 days after admitting the charges at Leeds Crown Court last week.

With a long history of similar reports in the public domain, it is surprising that disgruntled IT workers are still suspended without system access being revoked beforehand. However, such wise precautions might not be entirely possible to implement promptly for some roles, in some organizations.

The source indicates that Taj sprang into vindictive action “within hours of being suspended from work in July 2022.” He proceeded to unlawfully access company systems “to deliberately alter login credentials to disrupt the company’s day-to-day activities,” says the law enforcement source. On the second day of his spree, Taj would go on to hobble the company’s MFA systems.

As well as the monetary damage, due to “lost business,” Taj is accused of inflicting reputational harm on his (ex) employer. The unnamed firm was reportedly frustrated as not only were the activities of staff in Yorkshire impacted, but the cyber-damage spread to clients “both in the UK and overseas in Germany and Bahrain,” according to the police report.

Ex-employee cyberattacker sentenced

(Image credit: West Yorkshire Police)

Last week, Taj appeared before Leeds Crown Court, in Yorkshire, for sentencing. The 31-year-old “admitted a charge of committing unauthorized acts with intent to impair the operation of or hindering access to a computer at a previous hearing,” say the police. He now faces seven months and 14 days in custody.

The official police report on Taj’s disruptive-in-a-bad-way spree concludes with some friendly advice to employers. “Protecting your network prevents data loss and costly cyberattacks. It also maintains trust with clients and stakeholders,” said Detective Sergeant Lindsey Brants of West Yorkshire Police’s Cyber Crime Team. “We urge all businesses to look at their network security.”

Follow Tom's Hardware on Google News to get our up-to-date news, analysis, and reviews in your feeds. Make sure to click the Follow button.

TOPICS
Mark Tyson
News Editor

Mark Tyson is a news editor at Tom's Hardware. He enjoys covering the full breadth of PC tech; from business and semiconductor design to products approaching the edge of reason.

  • JRStern
    Well of course lock him out, good grief.
    But I'm not big on administrivia, even with full access aren't there protections against mass password change?
    I assume this starts with mass reset, but is there a way to do mass change even after that? Just wondering, ...
    Reply
  • chaos215bar2
    Funny how company execs never wind up in prison when they illegally screw over their employees, isn't it?

    Not an excuse for this kind of behavior, of course, but why is this a criminal matter? If the employee caused $200,000 worth of damage, sue them for damages and be done with it.

    That's already more than enough to ruin most people's lives without tacking on a criminal prosecution which, of course, will make it all but impossible to find any decent employment going forward even after this person is "rehabilitated" and released back into society.
    Reply
  • jg.millirem
    When I was abruptly fired from a small US organization in 2008 whose IT I was running, because I had begun letting the staff know that the CEO gave himself a $40K bonus when he had told staff no bonuses because of the recession, I spent about 15 minutes, as I was packing up, debating whether or not to reveal the domain admin password. The IT contractor they instantly brought in told me that knowing this password was paramount. I made him sweat for a while at least. But I don’t think I had any legal obligation to tell them anything.
    Reply
  • acadia11
    No they don’t it’s good to be the king. Peon now back to your desk.
    Reply