Forgot your password?
Close
typodupeerror
Crime Network Privacy Security IT

Fired Techie Admits Sabotaging Ex-Employer, Causing $862K In Damage (theregister.com) 57

Posted by BeauHD from the cyber-stunts dept.
An Ohio IT contractor pleaded guilty to breaking into his former employer's network after being fired, impersonating another worker and using a PowerShell script to reset 2,500 passwords -- an act that locked out thousands of employees and caused more than $862,000 in damage. He faces up to 10 years in prison. The Register reports: Maxwell Schultz, 35, impersonated another contractor to gain access to the company's network after his credentials were revoked. Announcing the news, US attorney Nicholas J. Ganjei did not specify the company in question, which is typical in these malicious insider cases, although local media reported it to be Houston-based Waste Management.

The attack took place on May 14, 2021, and saw Schultz use the credentials to reset approximately 2,500 passwords at the affected organization. This meant thousands of employees and contractors across the US were unable to access the company network. Schultz admitted to running a PowerShell script to reset the passwords, searching for ways to delete system logs to cover his tracks -- in some cases succeeding -- and clearing PowerShell window events, according to the Department of Justice.

Prosecutors said the attack caused more than $862,000 worth of damage related to employee downtime, a disrupted customer service function, and costs related to the remediation of the intrusion. Schultz is set to be sentenced on Jan 30, 2026, and faces up to ten years in prison and a potential maximum fine of $250,000.
This discussion has been archived. No new comments can be posted.

Fired Techie Admits Sabotaging Ex-Employer, Causing $862K In Damage More

Fired Techie Admits Sabotaging Ex-Employer, Causing $862K In Damage

Comments Filter:

  • 10 years for this is bullshit.
    Like all computer crimes, the estimated damage is grossly inflated. This doesnâ(TM)t even sound like the damage typical of a ransomware attack.

    The guy is getting screwed.

    • He won't get 10 years, but he'll definitely get too much time

      The "estimated damages" numbers are always pulled out of someone's ass

      Employer probably had everything resolved within a day

      • Let's assume 2500 employees lost 2 hours of productivity each. Let's assume the productivity value for each employee is at least $40/hour. That's $200,000. That's far below $862K. But if the downtime were higher and the lost productivity were higher, it at least puts $862K within the realm of a credible number.

        Don't forget, cleaning up a mess like this isn't as simple as resetting passwords back and having employees log in and change their passwords. There's also things like making sure none of the ac

        • Re:Assume 5,000 man-hours of downtime (Score:4, Insightful)

          by BoogieChile ( 517082 ) on Friday November 21, 2025 @12:01AM (#65808935)

          Not to mention the time taken to ensure he didn't do anything else.

          • Re: (Score:2)

            by cusco ( 717999 )

            Plus finding the myriad services that are now failing because they can't log into systems and databases and figuring out how to reset those. For example their security system needs to run at least half a dozen server-based services and log into a database probably hosted on another server, and access to those resources from client machines must be reset. Much worse, the security cameras also now need to have their password reset. If they're from Axis or Pelco that can be tedious but possible to script, i

        • Generally the specialists needed to go over the system will cost many times more than $40 an hour. Performing a full company wide systems audit to make sure he didn't drop any viruses or exfiltrate data can cost many hundreds of thousands of dollars alone, especially if outside security specialists are used for the task as would often be the case.

          On top of this, a lot of automated tasks can rely on stored passwords for backups, scripts, crons and the like. If he's reset passwords, then doing this could have

    • Agree to disagree here. We dont know what company he accessed or what information he compromised. 250k divided by 2500 employees out of work for a day is $100 each, not including the time it took IT to get them back online, the customers that company services, the thousands of letters the company will have send out notifying customers of a breach, and the amount of time it required for the company and law enforcement to complete a full investigation, then the cost of prosecution and punishment. Id say he is

      • Id say he is getting of light but then again, id like to see aholes like this buried under the prison.

        A Unicorn on SlashDot! I'd make a guess that most people here see Schultz as a hero, and have wet dreams about doing the same to their employer.

        But yeah, There are reasons he was fired, and his willingness to turn to crime is probably one of those reasons.

        • I run a few companies, more than 950 people are working with me, I have a few system administrator, it is a serious matter. Eventually there are people in any company that have access and control that really allows them to do damage that is massive enough that the very survival of a company is in question. This immediately has an effect on all of the clients, all of the people working for the company, partners, families, infrastructure contractors, quite a few things really. This type of behavior really

          • I run a few companies, more than 950 people are working with me, I have a few system administrator, it is a serious matter. Eventually there are people in any company that have access and control that really allows them to do damage that is massive enough that the very survival of a company is in question. This immediately has an effect on all of the clients, all of the people working for the company, partners, families, infrastructure contractors, quite a few things really. This type of behavior really compromises what people think about IT professionals everywhere.

            This is true. And this is why there are penalties. Some here believe it is the physical injury aspect only, when in fact the computer crime can have an impact on thousands, and their families, and their cities, and their customers.

      • Yes, agree.

        Computer crimes may seem "unreal" to people who spend a lot of time on computers. I mean, video games just give you another life when you "die." But the damage is real.

        If this guy had set fire to his office, causing $800K of damage, the reaction might be a little different.

    • Re:Computer crimes are over penalized (Score:5, Informative)

      by uncqual ( 836337 ) on Thursday November 20, 2025 @11:47PM (#65808923)

      It's about $350/password.

      While the summary (and of course I didn't RTFA) doesn't give much detail, that's not a ridiculous amount if each of the affected individuals were delayed in some way by a couple hours in accomplishing their work. It's not just their salaries, it's scheduling of work, customer satisfaction, overhead (such as benefits, SS taxes, etc) related to those couple of hours.

      If the work needs to get done in a timely fashion regardless of the disruption, it may require paying the affected employees overtime to get the work done by the deadline so the calculation could easily reflect 1.5x the time lost.

      • Re: (Score:2)

        by cusco ( 717999 )

        If you need to have your security contractor come on site for $150-200/hr to reset every camera password costs start to accelerate. Now add HVAC systems, building automation, etc.

      • It's about $350/password.

        While the summary (and of course I didn't RTFA) doesn't give much detail, that's not a ridiculous amount if each of the affected individuals were delayed in some way by a couple hours in accomplishing their work. It's not just their salaries, it's scheduling of work, customer satisfaction, overhead (such as benefits, SS taxes, etc) related to those couple of hours.

        If the work needs to get done in a timely fashion regardless of the disruption, it may require paying the affected employees overtime to get the work done by the deadline so the calculation could easily reflect 1.5x the time lost.

        I'm not all that interested in the password against the total cost thing. As you point out there are other things involved.

        In the place I retired from, there were regular meetings with shakers and movers with a high burn rate. Stop one of those, and you can lose millions in a short time.

      • Re: (Score:3)

        by tlhIngan ( 30335 )

        Don't forget the costs to examine everything to make sure there weren't any other surprises hidden somewhere else.

        Forensic computer analysts aren't cheap.

        His script might have just changed passwords, but you don't know if he did anything else.

        I would probably say the costs were probably under-reported and just what they could adequately document as damages. Someone who couldn't log in for a day and do useful work might not be reported because there's no direct cost, just an indirect one of having someone si

    • The guy screwed HIMSELF.

      He also got off a lot lighter than he would have if I were sentencing him.

    • A woman in NYC killed three people in a case of egregious negligent driving, and she'll likely get the lower side of "3 to 9 years."

      https://www.google.com/search?... [google.com]

      • Germany used to be like that too until not too long ago. Nowadays this kind of reckless driving can result in it being considered a murder by the judge - and murder automatically means a life sentence with at least 15 years before parole becomes possible. Not always, unfortunately, but it happens and I hope it will happen more and more in the future.

        • Germany used to be like that too until not too long ago. Nowadays this kind of reckless driving can result in it being considered a murder by the judge - and murder automatically means a life sentence with at least 15 years before parole becomes possible. Not always, unfortunately, but it happens and I hope it will happen more and more in the future.

          I'm drifting off topic here, but I'm curious. In the US, there is a marked disparity in sentences depending on sex and "race". Does any such problem exist in Germany? (here women get the least, and African origin males get the most)

          • Blacks are far less common in Germany hence the ethnic question is quite different. "Migration background" is the closest German equivalent. And yes, the outcome can be different. For example in one such case - the perpetrator will probably be sent to Turkey after he was sentenced to 8 years for reckless driving murder (only 8 years for murder because people under 21 are not considered adults in the court) since he is a German born Turkish citizen.
            Another thing that makes comparisons difficult is that Germa

      • A woman in NYC killed three people in a case of egregious negligent driving, and she'll likely get the lower side of "3 to 9 years." https://www.google.com/search?... [google.com]

        Not to belabor the obvious, but sentence disparities exist by sex and "race". Women get the least, white males more, and males of African origin get the most. So it's comparing apples and oranges.

        • The point still remains: computer crime sentencing is out of whack. This guy got sentenced - not necessarily will serve - ten years for a computer crime. No one was physically injured, though they claim a lot of damage, covered below. Miriam Yarimi caused three deaths - almost an entire family no longer with us - and she got considerably less. So are computer crimes way more harmful than killing someone?

          • The point still remains: computer crime sentencing is out of whack. This guy got sentenced - not necessarily will serve - ten years for a computer crime. No one was physically injured, though they claim a lot of damage, covered below. Miriam Yarimi caused three deaths - almost an entire family no longer with us - and she got considerably less. So are computer crimes way more harmful than killing someone?

            So maybe a stern lecture would be sufficient enough?

            As for crimes in which someone kills another, there is a whole laundry list. Which one is the one you are referring to?

            A non-complete list has:

            Involuntary Manslaughter

            Manslaughter

            Negligent homicide

            Depraved indifference murder

            Second Degree murder

            First degree murder.

            And an array of punishments as well. Everything from a few years to life to the death penalty. This is by design, because accidentally killing someone is different than torturing s

    • IIRC, stuff like this claims triple damages as a baseline.

    • Doing something like this as âoepaybackâ for getting fired is stupid from the start. Seriously, where do you think this will actually take you? And a baseline calculation is probably started by calculating wages for 2500 employees for the day who couldnâ(TM)t work while the IT staff tried to work out what happened.

    • 10 years for this is bullshit. Like all computer crimes, the estimated damage is grossly inflated. This doesnâ(TM)t even sound like the damage typical of a ransomware attack.

      The guy is getting screwed.

      There is a fix for this sort of thing happening to people, Don't commit the crime.

      I know this is slashdot, where a lot of people cheer people like Schultz on as a hero. But What do you think should happen to him. A stern lecture? A reward?

    • This number is easily within the realm of possibility. Its only 500 contractors billed at 200 an hour for a single day. Given that the perp was a contractor himself, this is extremely possible.

    • Even though there are anti-blacklist laws in some states such as California Labor Code Section 1050, this guy will probably never be able to land a high paying job again.

      This coupled with a criminal record severely limits the type of job he can land. This is a life sentence of reduced income. The only jobs he'll be able to get are in low paying precarious jobs which pay daily and where they don't do thorough background checks. Most likely, he'll be homeless and jobless for a large percentage of time for re

  • Did they fire him unfairly?

    • Re:What's his side of the story? (Score:4, Informative)

      by glowworm ( 880177 ) on Friday November 21, 2025 @01:20AM (#65809035) Journal
      What does it matter what his side of the story is? Even if the IT contractor was unjustly terminated it's not carte blanche to access systems you no longer have rights to and perform a childish password-reset payback.

      • Re:What's his side of the story? (Score:4, Funny)

        by AmiMoJo ( 196126 ) on Friday November 21, 2025 @06:23AM (#65809283) Homepage Journal

        He clearly wasn't that good, or he wouldn't have been caught. These amateurs don't seem to understand that they way to do this is to make the system so complex and reliant on you doing certain undocumented actions, that if they fire you it will all collapse on its own. Then you can't be accused of causing damage, because you didn't, you just walked away as asked. It's not your fault that they didn't recognize how essential your services were, or pay you to do a proper rebuild and handover.

  • costs related to the remediation (Score:1)

    by Anonymous Coward

    > and costs related to the remediation of the intrusion

    Hey, they needed MFA before this guy showed up. His Red Teaming did them a favor.

  • Powershell, come on guys. Really? The company was running M$ products and had yet another soft spot exposed. Many companies have this much down time in a year.

    Even so, he was wrong and should be prosecuted for it. Ex-contractors/employees should get punished for stuff like this.

    • > Ex-contractors/employees should get punished for stuff like this.

      Indeed. As someone once told me... "don't go down for petty theft" (the context being someone stealing a few quid from the shop register). If you're gonna do a crime, make it something worth going down for. As someone else once told me, "don't take a risk you're not getting paid for". This guy wasn't getting paid anything, and took a huge risk - big mistake. At least half of his sentence is just for stupidity.

  • Was there ever a single case where the perpetrator was not caught? I doubt it.

    • Re: (Score:2)

      by mjwx ( 966435 )
      They aren't dying out because the way the US treats it's worker class is creating new ones all the time.

      • Re: (Score:2)

        by hwstar ( 35834 )

        An the answer to this in the United States is always to toughen the laws even more. At some point if this continues to the absolute extreme, the death penalty will be given out for "Crimes against the Corporation". After all, gotta keep those plebs in line.

  • I've had over a dozen IT positions as a contractor and the term has always been Let Go (in the US). Has this changed recently? Even when I made a huge political faux pas or had a psycho team lead kick me out the door before he quit the next week. Always Being Let Go.

    • A "political faux pas," and sabotage, are two very different things. The first deserves being "let go", the second deserves presecution.

  • To fire him. I mean, thanks for confirming that, I guess!
  • Fdisk it.

  • ... disrupted customer service function ...

    Did the customers even notice? Every time I've had to interact with any company in their business, the customer service was absolutely terrible. Every one of them.

  • First saw something like this 30+ years ago - someone grabbed a list of publicly available userIDs from the company's email system and apparently either manually or using a keyboard macro simply tried multiple times to logon with an incorrect password to lock out the entire company's thousands of user and team IDs. The company used mainframe systems/databases with centralized passwords, so didn't take long at all (not even 30 minutes, IIRC) to get everyone back in business. One imagines that such a simple '

    • Every single office network everywhere, is vulnerable to trivial attacks. The human being is the weakest link in the security chain, as this story demonstrates.

      Your house is also vulnerable to physical intrusion. If a thief wants in, and your door is locked, they can just break a window. That's pretty trivial.

      Security, both physical and digital, is only as effective as people's respect for boundaries.

  • Employer fires worker, destroys lives and livelihood, causing financial and emotional harm - No fine, no repercussions, 'just a business decision'. Employee hits back at employer - fines, jail time. Seems equitable..

Slashdot Top Deals

The aim of science is to seek the simplest explanations of complex facts. Seek simplicity and distrust it. -- Whitehead.

Close