Revenge: Loan broker is terminated and deletes over 20,000 customer documents

Whether it is for financial reasons, because of restructuring or because of your own mistakes, it doesn’t really matter: Losing your job always feels bad for the person concerned. A bank employee from New York seems to have been even more annoyed than others. And now broke serious consequences with their revenge action.

Juliana B. was working part-time for the New York Credit Union, the state’s largest credit bank, when she was resigned in May. The exact reasons for their release are not known. But it must have gone against the grain of her. Because two days after the dismissal, the banker logged into her work account again via her private computer. And began an act of revenge that would have caused a lot of shredded paper in the analog world.

20,000 deleted documents

In just 40 minutes, B. caused absolute chaos on the server, according to court documents. She remotely deleted more than 20,000 documents and 3,500 entire directories from the company’s shared file server. In total, more than 21.3 gigabytes of data were destroyed, according to the indictment.

The data massacre does not seem to have had a special system. In addition to customer data such as mortgage applications, the ex-employee now accused by a New York court also destroyed files that were used to secure the system from blackmail trojans, according to the court documents. She also accessed internal documents such as board minutes.

“Considerable damage to customers”

At first, B. apparently did not have a guilty conscience. “They didn’t revoke my access as if I deleted the file server lol,” she wrote to a friend by text message five days after the crime, the investigators discovered. In the meantime she has confessed to the fact.

It is not entirely clear why the employee had access to the data even after she was kicked out. According to the bank, it had commissioned its IT service provider to withdraw the access rights. Apparently it hadn’t come to that. The fact that a single part-time employee has this degree of access to internal documents and can even delete them does not speak for the company’s IT security anyway.

The damage is considerable. Although the bank appears to have had backups of most of the documents, it cost over $ 10,000 to restore the data, the company said. “With her petty act of revenge, Ms. B. has not only represented a security risk for the bank, she has also seriously harmed customers, who now have to wait longer for applications and their approval to buy a house,” the court quoted the statement of an FBI official . “Such an insider can do more harm than criminals.”