Ex IT Admin Disrupts Old Employer After Being Fired

A financial company in Hawaii had their business operations disrupted after a former employee decided to reconfigure his ex-employer’s website.

The system administrator worked for the company from 2017-2019. After his contract was terminated, Casey K. Umetsu accessed and changed the configurations of his previous employer’s website in order to redirect web and email traffic. According to the U.S. Department of Justice, Umetsu pled guilty to these actions, and stated his motive as wanting to be hired back with a larger salary.

Umetsu blocked the firm’s IT team from accessing administrative services in order to disrupt the company’s operations for a longer period of time. Eventually, the company reported the issue to the FBI and figured out it was Umetsu who gained unauthorized access.

He faces a fine of up to $250,000 and a maximum sentence of 10 years in prison for his actions.

Cybersecurity incidents like the one mentioned in this story are not uncommon, and there are frequently issues with former (or even current) employees wreaking havoc upon a business. Maintaining security best practices could have prevented this issue from occurring, had the company invalidated Umetsu’s credentials when he first got fired.