Dude hit with $300K bill for faking his hours, hacking boss's website
When your fake invoice strategy is black numbers on a black background, you're gonna fail
Former security officer Yovan Garcia better have deep pockets: a California district court has presented him with a bill of more than US$300,000 for attacking his former employer's computer systems.
Garcia was found guilty of misusing his employer's computer systems in a judge-only trial in January.
The company, Tyan Inc (which traded as Security Specialists), first decided something was amiss in 2014 when it noticed a discrepancy between Garcia's claims for overtime and his rostered hours.
It turned out that he'd obtained credentials for the FileMaker Pro-based payroll system, and was logging in from the laptop in his car to book extra hours.
As noted in a final judgment this month, Garcia's bright idea was to enter four hours each day in the field reserved for “lunch”, and since “hours worked” were faxed to clients each day (you read that right), he concealed the fiddle by formatting the field as one-point black type on a black background.
The inevitable outcome was that Garcia and Security Specialists parted company, but the rogue employee wasn't done. The company was hacked in October 2014, with the boss Nick Tsotsikyan's emails, server files, accounting software and databases, and the FileMaker Pro databases targeted.
The company's website was also attacked and defaced, showing digits from operations manager Steve Leon's social security number and an unflattering photograph of Leon.
Not finished, Garcia also used files filched from Security Specialists to solicit the company's customers.
The total of $318,661.70 in damages doesn't include legal fees, which will be determined at a later date. ®