Ex-employee wiped financial data from bikini bar
After being terminated from his job, he logged into McLane Advanced Technologies and wiped customer data
IDG News Service - At the Bikinis Sports Bar and Grill in Austin, Texas, you can get burgers and beer served to you by cute waitresses wearing denim shorts and bikini tops. And if you're David Palmer, a recently fired IT worker, you can also break into a U.S. military contractor's computer systems and wipe out payroll files, wreaking havoc at its customers.
That's exactly what Palmer did on Jan. 21, 2010. Angry that his former employer, McLane Advanced Technologies, had fired him and then refused to help him with an unemployment benefits claim he'd made to the Texas Workforce Commission, Palmer broke into McLane's systems and deleted payroll files belonging to Lone Star Plastics, a McLane customer that makes polyethylene bags and can-liners. He also broke into a second McLane customer, Capstone Mechanical.
"The only reason for logging into any of these servers was to create general havoc and disorder for McLane Advanced Technologies the following day," Palmer told investigators, according to court records.
The plan worked. When employees at Lone Star Plastics' Prattville, Alabama, facility tried to punch in on the 21st, they discovered that the McLane server that hosted their punch clock software and payroll records had shut down. Two days later, McLane Advanced Technologies contacted the U.S. Secret Service, reporting that it had been hacked.
Palmer, formerly an IT administrator with the company, pleaded guilty to computer intrusion charges Thursday in U.S. District Court for the Western District of Texas. He's set to be sentenced on Nov. 2.
Prosecutors say that Palmer set up a back-door user account entitled "Palmer Lt" before being terminated by McLane at the end of 2009. That account was used to break into the Lone Star Plastics computer and was linked to other intrusions at McLane. Palmer had logged into it from a variety of locations, including his home address in Temple, Texas; Bikinis Sports Bar and Grill; and Buffalo Wild Wings in Waco, Texas.
Disgruntled ex-employees seem to think they can cover their tracks by logging into their former employers from restaurant Wi-Fi networks. Two weeks ago a former IT staffer at the U.S. subsidiary of Japanese drugmaker Shionogi pleaded guilty to similar charges. He had logged in from a McDonalds.
McLane Advanced Technologies sells supply chain management and IT services to the U.S. Department of Defense, state and local governments and large retailers such as Wal-Mart. The company declined to comment.
- Everything You Know About Enterprise Security Is Wrong
- UK man charged with hacking Federal Reserve
- McAfee Offers Global Response to Nationalized Malware
- Tech Industry Praises Cybersecurity Framework From White House
- Ransomware like Cryptolocker uses Bitcoin, other virtual currencies for payment
- Trial for alleged Silk Road creator Ross Ulbricht set for November
- Target attack shows danger of remotely accessible HVAC systems
- U.S. is investigating Target data breach, AG Holder says
- Russian man pleads guilty in SpyEye malware case
- Suspected email hackers for hire charged in four countries
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts