New Threat Research: Analyzing CryptoJS Encrypted Phishing Attempt 

Read Threat Research

Search

Fired Credit Union Employee Destroys 21GB of Data in Revenge

Juliana Barile, the former employee of a New York credit union, pleaded guilty to accessing the financial institution’s computer systems without authorization and destroying over 21 gigabytes of data in revenge after being fired. “In an act of revenge for being terminated, Barile surreptitiously accessed the computer system of her former employer, a New York Credit Union, and deleted mortgage loan applications and other sensitive information maintained on its file server,” Acting U.S. Attorney Jacquelyn M. Kasulis said. According to court documents, the defendant worked remotely as a part-time employee for the credit union until May 19, 2021, when she was fired. Even though a credit union employee asked the bank’s information technology support firm to disable Barile’s remote access credentials, that access was not removed. Two days later, on May 21, Barile logged on for roughly 40 minutes. The defendant deleted over 20,000 files and around 3,500 directories during that time, totaling roughly 21.3 gigabytes of data stored on the bank’s share drive. The wiped data included files related to customers’ mortgage loan applications and the financial institution’s anti-ransomware protection software. Besides deleting documents with customer and company data, Barile also opened various confidential Word documents, including files containing board minutes for the credit union. Five days later, on May 26, she also told a friend via text messages how she was able to destroy thousands of documents on her former employer’s servers, saying, “They didn’t revoke my access, so I deleted p drift lol. [..] I deleted their shared network documents.” Although the New York credit union had backups of some of the data deleted by the defendant, it still had to spend more than $10,000 to restore the destroyed data following Barile’s unauthorized intrusion. “Ms. Barile may have thought she was getting back at her employer by deleting files, however, she did just as much harm to customers,” FBI Assistant Director-in-Charge Driscoll added. “Her petty revenge not only created a huge security risk for the bank, but customers also depending on paperwork and approvals to pay for their homes were left scrambling. “An insider threat can wreak just as much havoc, if not more, than an external criminal. The bank and customers are now faced with the tremendous headache of fixing one employee’s selfish actions.”

Analyst Notes

Employers are highly recommended to develop policies/procedures for when any employee exits the company, either voluntarily or involuntarily. These policies should include checklists that guide the employer on how to revoke login privileges from an exiting employee.

https://www.bleepingcomputer.com/news/security/fired-ny-credit-union-employee-nukes-21gb-of-data-in-revenge/