Gucci IT Employee Faces Serious Jail Time for Hacking Former Employer
While an employee at Gucci, Sam Chihlung Yin created an account with a remote-access security token for a fictional worker, so that he would be able to sign back into the Gucci servers if he were to leave the company. When he was fired last May, Yin allegedly decided to exact revenge by activating the security key fob for his fictional employee, signing into the Gucci servers and deleting everything he found by using administrator passwords he knew from his time with the company. Yin erased virtual servers and e-mail inboxes, and took out large swaths of storage.
As a result of the attack, Gucci employees were unable to access their e-mail, some data was destroyed forever and almost a full day of sales was lost. The company claims it suffered $200,000 in total losses and is still dealing with the fallout of the Yin's invasion. When combined, the charges against Yin carry a maximum prison sentence of 175 years.
The incident highlights the importance of tightly controlling computer security in corporate environments. That includes performing regular audits of accounts and frequently changing passwords (especially those for administrator accounts). All it takes is one disgruntled employee to cause untold digital and financial damage.