Feeds

City IT manager accused of brazenly stealing mayor's email

Automated script made it easy, feds say

The essential guide to IT transformation

A former IT manager for the city of Hoboken, New Jersey, was arrested on Wednesday on charges he intercepted emails sent to and from its sitting mayor and other top city officials, and forwarded them to others.

Patrick Ricciardi, 45, of Hoboken, used an automated script to access every email sent to or received by Mayor Dawn Zimmer and the two high-ranking officials, federal prosecutors alleged in a criminal complaint filed in US District Court in Newark, New Jersey. He then saved the emails to an archive folder on his official city computer and forwarded them to at least three unidentified individuals.

As the chief information technology officer for the mayor's office, Ricciardi had administrative access to every email account in the office, prosecutors said. He used those privileges to spy on Zimmer, who took office in 2009 after the city's previous mayor was arrested on federal corruption charges.

In April, city officials grew suspicious that the contents of their email correspondences with Zimmer were being leaked to outside parties, the complaint said. Ricciardi's archive folder was discovered after the mayor hired an outside security consultant to audit the computers in her office.

"The investigation has also revealed that many of the elected and appointed officials in the city retain strong ties to the previous administration or are otherwise politically opposed to the mayor, and have sparred with the current mayor on a variety of municipal issues, large and small," the complaint stated. "These officials include several members of the city council, as well as high-ranking employees of different city municipal agencies, such as Public Safety Department, the Fire Department, and the OEM."

Ricciardi appeared in federal court in Newark, New Jersey, on Wednesday on one count each of accessing a computer without authorization, interception of wire and electronic communications, and disclosure of intercepted wire and electronic communications. If convicted, he faces a maximum sentence of 15 years in prison and a $750,000 fine.

He has not yet entered a plea.

The allegations are the latest to underscore the havoc IT managers can wreak on the organizations they're entrusted to administer. For examples of other insider threats, see the related links below. ®

Next gen security for virtualised datacentres

More from The Register

next story
Rupert Murdoch says Google is worse than the NSA
Mr Burns vs. The Chocolate Factory, round three!
e-Borders fiasco: Brits stung for £224m after US IT giant sues UK govt
Defeat to Raytheon branded 'catastrophic result'
Germany 'accidentally' snooped on John Kerry and Hillary Clinton
Dragnet surveillance picks up EVERYTHING, USA, m'kay?
Snowden on NSA's MonsterMind TERROR: It may trigger cyberwar
Plus: Syria's internet going down? That was a US cock-up
Who needs hackers? 'Password1' opens a third of all biz doors
GPU-powered pen test yields more bad news about defences and passwords
Think crypto hides you from spooks on Facebook? THINK AGAIN
Traffic fingerprints reveal all, say boffins
Microsoft cries UNINSTALL in the wake of Blue Screens of Death™
Cache crash causes contained choloric calamity
prev story

Whitepapers

5 things you didn’t know about cloud backup
IT departments are embracing cloud backup, but there’s a lot you need to know before choosing a service provider. Learn all the critical things you need to know.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Rethinking backup and recovery in the modern data center
Combining intelligence, operational analytics, and automation to enable efficient, data-driven IT organizations using the HP ABR approach.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.