Employee's silent rampage wipes out $2.5m worth of data
Paranoia strikes deep
A Florida woman who believed she was about to get fired has been accused of deleting $2.5m worth of computer files to seek revenge on her employer.
Jacksonville Sheriff's officials say Marie Lupe Cooley, 41, used her own account credentials to access the server of Steven E. Hutchins Architects and delete seven years' worth of drawings. The firm's alarm company said someone entered the premises at 11 p.m. on Sunday and was there for about four hours.
Cooley went on her silent rampage after finding a help-wanted ad placed by her boss. It described an open administrative assistant position that sounded remarkably similar to hers.
The rogue employee "decided to go and mess up everything for everybody," a spokesman for the sheriff's office told FirstCoast News here. "She decided to be spiteful and go in and sabotage the records. And she did a very good job of that."
Firm owner Steven Hutchins said he was able to recover the files. "It was not a sensationalistic amount of money," he told El Reg, referring to the fee he paid a consultant to dredge up the discarded architectural drawings. He declined to say if he had stored backups of the files, which were valued at $2.5m.
Cooley was charged with damage in excess of $1,000 to computers and was released on bail.
As it turned out, the help-wanted ad listed a position available in the office of Hutchins's wife. Cooley's job was never under threat, though it probably is now. ®
The data could easily have been worth that much. How many hours of work? How many people working? How much per hour?
It stacks up pretty quickly.
Maybe she killed the backups too?
If she's the sysadmin, she's presumably in charge of the backups. If she's going on a deletion rampage, why not send the backups for a dip in the Atlantic while she's at it?
Random thought is "What the h*eck is an admin assistant doing with the privilege level to delete critical data???". If we take her job title at face value, it seems odd that she's got the privilege to do this in the first place. This seems to indicate that this may not be a company for whom data security is a priority (odd, given it's apparent value!)
A simple journaling file system (or regular backup) to an offsite or secure onsite system would have been enough to have left the rampage as a mere annoyance, dealt with in minutes with no real drama. The fact that they needed to get someone external in to perform "recovery" suggests to me that we're talking about a recovery that involved more than toasting in some backup tapes and picking the data to restore...
Incidentally. Most IT folk at desktop analyst level or above could easily reprogram a door card as someone else, change someone elses password, and then delete critical files out-of-hours without being seen or leaving any clue as to their actions, unless captured on CCTV or seen by lobby security etc. Outside of IT staff - In most cases it would be childs play to bamboozle helpdesk operators into resetting someone elses password, and maybe "borrow" someone elses door card or fool facilities or security into issuing a replacement for a "lost" card. Unless they have CCTV of her deleting the data, or a signed confession from her, I don't see the evidence against the lady is at all conclusive.