Ex-Citibank IT bloke wiped bank's core routers, will now spend 21 months in the clink
Performance review sparks deletion, 110 offices knackered
A former employee of Citibank has been sentenced to 21 months in prison for crippling the bank's internal network.
Lennon Ray Brown was given the nearly two-year jail term – along with a $77,000 fine – by a Northern Texas District Court this week after he pleaded guilty to one count of intentional damage to a computer.
Brown, 38, admitted that on December 23, 2013, he issued commands to wipe the configuration files on 10 core routers within Citibank's internal network.
The resulting outage hit both network and phone access to 110 branches nationwide – about 90 per cent of all Citibank branch offices.
Brown had been working at Citibank's Irving, Texas, corporate office since 2012, first as a contractor and later as a staff employee, when he was called in by a manager and reprimanded for poor performance.
At that point, the US Department of Justice said, the rogue employee uploaded a series of commands to Citibank's Global Control Center routers, deleting the config files for nine of the routers and causing traffic to be re-routed through a set of backup routers. Court documents show that while there was not a complete outage, the re-routing led to "congestion" on the network and at the branch offices.
Brown said the following in a text message to a coworker shortly after the incident:
They was firing me. I just beat them to it. Nothing personal, the upper management need to see what they guys on the floor is capable of doing when they keep getting mistreated. I took one for the team.
Sorry if I made my peers look bad, but sometimes it take something like what I did to wake the upper management up.
Brown admitted the intentional damage charge in February. ®
Sponsored: Becoming a Pragmatic Security Leader