Slashdot Mirror
Ex-Employee Busted For Tampering With ERP System
ErichTheRed writes "Here's yet another example of why it's very important to make sure IT employees' access is terminated when they are. According to the NYTimes article, a former employee of this company allegedly accessed the ERP system after he was terminated and had a little 'fun.' 'Employees at Spellman began reporting that they were unable to process routine transactions and were receiving error messages. An applicant for his old position received an e-mail from an anonymous address, warning him, “Don’t accept any position.” And the company’s business calendar was changed by a month, throwing production and finance operations into disorder.' As an IT professional myself, I can't ever see a situation that would warrant something like this. Unfortunately for all of us, some people continue to give us a really bad reputation in the executive suite."
He plead not guilty, and he's yet to be convicted, but I can definitely envision a scenario whereby shutting his account off could cause catastrophic failure of many systems. This typically happens when someone does not follow best practices with service accounts and such and is not an uncommon situation.
That being said, he could have been really fucking pissed at them and decided to fuck with shit. Some management out there can be real fuckheads to their employees.
Derp is right... no better way to destroy any hope of a career, than to do something monumentally stupid like this.
I've left positions that have been, to put it charitably, crap. Once it involved hard feelings against an asshat that destroyed the department.
OTOH, the golden rule is to never touch the machinery. EEOC and labor laws be damned, HR critters do talk to each other; even if your stupid stunt never made the news, it will make the rounds. Rest assured this guy will have to move to the other part of the country at the very least.
Quo usque tandem abutere, Nimbus, patientia nostra?
>> Unfortunately for all of us, some people continue to give us a really bad reputation in the executive suite." The only reason the executive freak out at this is because most of then have absolutelly no idea what could happen, and how it could happen... When a sales rep leaves with his or her client, an acountant make some creative acounting and buy a condo with some "reimbursment", a Marketing manager exposes the company to serious bad mojo because he can't keep his pants on, etc .... they understand what happen.
But realising that they should pay the guy that has root password on the ERP server the same as the CEO since he has actually more power that the CEO, this would be scary...
So nobody should do any kind of "bad stuff", and revenge no matter how justified it is, is rarely worth the time needed to execute it.
(that is why we do have courts of justice, in theory at least they help "outsourcing" revenge, and make it more "educative", not that the actual implementation always work...)
I always suspect that companies in these cases deserve what happens to them
Did you see the outfit that ERP was wearing? That general ledger module was WAY above it's knee. And I think the CRM middleware was wearing a lot of perfume. Totally asking for it.
Don't disappoint your bird dog. Go to the range.
What does erotic role playing have to do with IT systems?
To all you virgins: Thanks for nothing.
I actually bothered to read the article, and the ex-employee in question RESIGNED by giving two weeks notice after being repeatedly passed over for promotion.
Maybe in this day in age, we are now suposed to refer to anyone leaving a company as being terminated, but I for one think there is a profound difference between terminating an employee vs their departure on their own accord.
With that said -- seeing that this guy was butt-hurt enough to leave and commit these acts against his employer shows that he wasn't working with a full-deck.
So I don't think the employer "had it coming" or provoked it -- since they seemed happy enough to employ him, but just didn't see him fit for a higher level position.
Here's yet another example of why it's very important to make sure IT employees' access is terminated when they are. (...)allegedly accessed the ERP system after he was terminated and had a little 'fun.
You go, RTFA and this is how it starts..
But after Mr. Meneses was passed over for promotions, he was upset enough to announce his resignation, giving two weeks’ notice. Before his final day in January 2012, colleagues caught him copying files from his computer to a flash drive, the authorities said. They cut off his access to company servers.
So, first of all, he was not terminated, he was mad and left the company. He was still on his two weeks' notice, so, in theory, had legetimate reasons to access the servers. When the company saw an srange behavior, they cut his access. So, looks like a case of a pissed up asshole who decided to go out with a bang and got busted for it.
--- "When you gotta do something wrong. You gotta do it right. (Fighter)"
At a small company I worked for years ago there was a tendency to fire accountants (who simply didn't agree with the CFO). Turns out the CFO was embezzling funds and a number of folks just didn't want to go along with the program. So one day the CFO fired this one accountant and it was pretty bitter.
As the IT director I had advised the CFO many months earlier that IT needs to oversee all the software and accounts in the company as it is a security matter. He agreed to all but the accounting software and its controls (he didn't want anybody seeing his criminal ways).
So one day after firing the accountant, someone writes a $1,000,000 dollar check to a customer and it gets processed. Suspicious turns to the accountant having access, but there is no proof. The CEO and CFO both stop by my cubicle complaining how could this happen?? I simply told them you advised me several months back not to put the accounting software or user accounts under any IT control, even after I had warned you of the security dangers. We can't firewall a separate system that IT is not in charge of or have credentials to... Frustrated they walked away, annoyed like they couldn't blame someone for their stupidity.
I kind of felt sympathy for that accountant, although he probably should of contacted the authorities. I had not way of knowing, except rumors you hear. Pretty ballsy, but that's what happens when suits have their ego and lack of ethics... Eventually there was an investigation on the books and things flew wide open. I left the company prior to it hitting the fan.
I think I just lack empathy for non-humans. Companies aren't people. When they suffer, I just see numbers changing on a ledger.
That's funny...when companies make people suffer that's all they notice too...