Slashdot Mirror

← Back to Stories (view on slashdot.org)

IT Worker's Revenge Lands Her In Jail

Posted by samzenpus on from the bad-idea dept.

aesoteric writes "A 30-year-old IT worker at a Florida-based health centre was this week sentenced to 19 months in a US federal prison for hacking, and then locking, her former employer's IT systems. Four days after being fired from the Suncoast Community Health Centers' for insubordination, Patricia Marie Fowler exacter her revenge by hacking the centre's systems, deleting files, changing passwords, removing access to infrastructure systems, and tampering with pay and accrued leave rates of staff."

8 of 347 comments (clear)

  1. Makes the rest of us suffer... by Anonymous Coward · · Score: 5, Insightful

    Every time some person does stuff like this and it hits the press, every other IT person ends up suffering when the PHBs realize what the sysadmin or the Cisco guy is capable of.

    Will this mean better security? Of course not. It just means that oftentimes someone who shouldn't have access to enable secrets or root passwords gets those as a "backup".

    1. Re:Makes the rest of us suffer... by hendersj · · Score: 4, Insightful

      Really, I think this just highlights something I've said for years: If you don't trust your IT people, they shouldn't be your IT people.

      It's a job requirement to be trustworthy when working in IT. Those who aren't pull crap like this.

      Even if she hadn't gone to jail, if she got caught tampering with systems (either while employed there or after being terminated), she should never, ever, under any circumstances be trusted to admin a system again.

      Ever.

      --
      Insanity is a gradual process; don't rush it.
    2. Re:Makes the rest of us suffer... by Venik · · Score: 4, Insightful

      Really, I think this just highlights something I've said for years: If you don't trust your IT people, they shouldn't be your IT people.

      And if you decided to fire them, make sure you terminate their access to your network in a timely manner. Somehow I seriously doubt Ms. Fowler actually "hacked" their systems. It is far more likely that after four days she discovered her remote access account still works and she took full advantage of this.

    3. Re:Makes the rest of us suffer... by Mister+Whirly · · Score: 4, Insightful

      Owner status trumps technical experience every time. Trust me, any PHB stupid enough to demand access to areas they know nothing about and then go messing about is going to screw something up. When they realize just how much money it will take to fix their screwups, sooner or later they will realize why it isn't smart to give themselves access to said areas. But if the owner demands the keys to the kingdom he owns, he get them whether or not it is the smart move or not. How long do you think any employee who refuses an order from the owner is going to last? And how do you go about determining who is qualified to make the decision if someone is qualified?

      --
      "But this one goes to 11!"
    4. Re:Makes the rest of us suffer... by dgatwood · · Score: 4, Insightful

      No one should have root passwords. The mere existence of a root password is a fundamental security hole. If everyone has a user account and certain people have sudo privileges, you have:

      • An audit log
      • A trivial way to cut off that person's admin access (with or without cutting off all access)

      Combine this with a proper centralized authentication/directory services system, and you're done.

      --

      Check out my sci-fi/humor trilogy at PatriotsBooks.

  2. Um good? by Hatta · · Score: 4, Insightful

    Person commits crime, goes to jail. Fascinating reporting there.

    --
    Give me Classic Slashdot or give me death!
  3. Harsh Sentence by Manip · · Score: 4, Insightful

    I love how computer crimes are measured on an entirely different scale to all other crimes. While I think her crime was serious, when you look at the prison sentence relative to other things it seem disproportionate. If she had done the same thing without a computer I bet she would see less than 1/2 the jail time.

  4. What? by segedunum · · Score: 5, Insightful

    Fowler's attack on the company's firewall, which had caused a "lockout", took Federal Bureau of Investigations (FBI) three months to resolve.

    What? Seriously. What? What the hell is a lockout and why would it take anyone three months to solve a firewall issue?