It just goes to show, however smart you think you are…don’t bother trying to wreck someones data. In this case, even if the guy was pissed it was highly responsible as it involved medical records and could actually seriously effect someones life.
He was pretty careful but left a few clues behind, more than enough for the FBI to catch him (computer names, printers installed etc.).
An IT manager who sought revenge for an unfavorable job evaluation was sentenced to more than five years in federal prison after being convicted of intentionally triggering a massive data collapse on his former employer’s computer network.
Jon Paul Oson, 38, of Chula Vista, California, was sentenced to 63 months behind bars and ordered to pay more than $409,000 in restitution, according to federal prosecutors in San Diego. He was immediately taken into custody after the sentence was handed down on Monday. It is one of the stiffest penalties ever for a computer hacking offense.
It’s a pretty huge sentence for hacking – 63 months or just over 5 years! As mentioned it’s one of the stiffest sentences ever for a computer related crime.
It did cause some serious losses though with a staggered disruption of data, as he was familiar with the backup system he could disable it then wait until the cycle had finished…then once the data was gone it was gone.
On December 23, Oson logged onto servers belonging to his former employer and disabled the program that automatically backed up medical records for thousands of low-income patients. Six days later, he logged on again, and in the span of 43 minutes, methodically deleted the files containing patients’ appointment data, medical charts and other information.
The dollar cost of Oson’s rampage was pegged at $409,337.83 and accounted for expenses for technical investigations and moving to a paper-based system in the weeks following the attack. But the real toll came when doctors at North County Health Services no longer had medical records for thousands of low-income patients who sought medical care. North County Health Services contracted with Oson’s employer to store the records.
Pretty scary that one guy has this kind of power, it just shows it doesn’t pay to annoy the BOFH! Anyway what he did was wrong and he’s getting what he deserved, I mean he didn’t even get canned he just got a bad evaluation.
Any thoughts on this?
Source: The Register
- Dradis v2.9 – Information Sharing For Security Assessments
- MagicTree v1.3 Available For Download – Pentesting Productivity
- Kvasir – Penetration Testing Data Management Tool
- San Fransisco Officials Locked Out of Their Own Network
- UK Hacker Gary McKinnon to Fight Extradition
- 4 Former LulzSec Members Sentenced To Prison Time In The UK
Most Read in General Hacking:
- 10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery) - 1,137,451 views
- Hack Tools/Exploits - 581,341 views
- Password Cracking with Rainbowcrack and Rainbow Tables - 414,240 views