"In the US, fired and laid-off workers often have their digital credentials deactivated before they learn about the loss of their jobs; indeed, the inability to log in to a corporate system may be the first an employee knows of the situation. Though not a generous or humane approach to staff reduction, it does follow from the simple fact that a fired employee with access to company systems is a security risk."
"Just ask the Akhter twin brothers, accused of wiping out 96 databases hosting US government information in the minutes after both were fired last year from their shared employer."
"On Feb. 1, 2025, Muneeb Akhter asked Sohaib Akhter for the plaintext password of an individual who submitted a complaint to the Equal Employment Opportunity Commission's Public Portal, which was maintained by the Akhters' employer. Sohaib Akhter conducted a database query on the EEOC database and then provided the password to Muneeb Akhter. That password was subsequently used to access that individual's email account without authorization."
"Muneeb had been assembling usernames and passwords-5,400 of them taken from his own company's network data. He then built custom Python scripts to try these logins against common websites; for instance, his "marriott_checker.py" application tested the logins against Marriott's hotel c"
Fired or laid-off workers in the US often have digital credentials deactivated before they learn they were dismissed, sometimes making login failure the first notice. This approach is driven by security concerns because a terminated employee with access to company systems can pose a risk. A case involving Muneeb and Sohaib Akhter illustrates the consequences of credential misuse. After prior convictions for wire fraud involving computers, both returned to tech work and later worked at the same company serving federal clients. Government allegations describe unauthorized access attempts, including sharing a plaintext password obtained through an employer-maintained EEOC portal and using it to access an individual’s email without authorization. Additional allegations include collecting thousands of usernames and passwords from company network data and using scripts to test logins against external websites.
#credential-revocation #workplace-layoffs #cybersecurity-risk #unauthorized-access #database-security
Read at Ars Technica
Unable to calculate read time
Collection
[
|
...
]