Twin brothers wipe 96 gov’t databases minutes after being fired
Posted by Flying-T@reddit | sysadmin | View on Reddit | 191 comments
In the US, fired and laid-off workers often have their digital credentials deactivated before they learn about the loss of their jobs; indeed, the inability to log in to a corporate system may be the first an employee knows of the situation.
Although not a generous or humane approach to staff reduction, it does follow from the simple fact that a fired employee with access to company systems is a security risk.
Just ask the Akhter twin brothers, accused of wiping out 96 databases hosting US government information in the minutes after both were fired last year from their shared employer.
https://arstechnica.com/tech-policy/2026/05/drop-database-what-not-to-do-after-losing-an-it-job/
TheWikiJedi@reddit
The headline leaves out the fact that these guys - who had an existing criminal history - were stealing plain text passwords from users of the Equal Employment Opportunity Commission’s website, because they worked for the government contractor supporting it. They would use those creds to try and login to other accounts like travel and airline miles. Article doesn’t have all of the details, but pretty certain they were rightfully fired and not just laid off. The problem was the firing process itself.
arkiverge@reddit
Your comment reads in a way that infers there are job termination conditions that justify the destruction of government or corporate property?
lenswipe@reddit
Surprised they aren't being prosecuted tbh
zakabog@reddit
Sure, but the article mentions it, it's a lot to write in the headline:
Honestly the real criminal here is whoever stored passwords as plaintext in a database.
skorpiolt@reddit
Really? You really think that the real criminal is someone who didn’t think about how passwords are stored, and not someone who purposely seeks out passwords and information to use for nefarious reasons?
wrincewind@reddit
Honestly? Yes. If an architect made a design for a block of flats that didn't include locks on any of the doors, he'd be thrown out for criminal negligence. Why are we held to such power standards?
skorpiolt@reddit
So an architect who didn’t include lockable doors in his design is a more serious criminal than someone who breaks into flats?
wrincewind@reddit
The criminal is responsible for breaking into one flat. The architect is responsible for letting that criminal in, plus the potential robbery of any other flat they were responsible for, including potential future robberies. It's burglary vs criminal negligence.
adx931@reddit
Most locks are easily bypassed using this one weird trick (driving a car through the wall)
belgarion90@reddit
Wait, so I need to have my pentesters try smashing into our data center with a truck?
skorpiolt@reddit
It’s not the best example because along the way someone would have corrected that. You don’t always have the same checks and balances when a solo sysadmin is setting up a system.
And by the way, had it made it that far the architect would be the last in line to receive any charges. You think if you leave your door unlocked you are responsible for things stolen out of your house? Lol
wrincewind@reddit
Along the way someone would have caught that, unless the entire company didn't give a shit about basic security, and left it all up to one guy and never checked his work. There's a reason other areas of expertise have rigorous safety controls and certifications, but when it comes to IT, for some reason a solo sysadmin just winging a design is just... Considered fine? It's baffling.
And, yes, I would consider it my fault if I left my door unlocked and got robbed because of it. I'd blame the criminal for doing it, but I'd also blame myself for allowing it to happen. I know my insurance would agree - if a burglar just let themselves in, I wouldn't have a leg to stand on when it came to the claim.
skorpiolt@reddit
No one said it’s fine, but you’re trying to compare this situation with someone forgetting to install door locks and blame everyone else before the person committing the crime. This is borderline “yeah she was raped, but look at what she was wearing” conversation.
The person committing the crime or doing something that is against the law is the person most responsible, period.
charleswj@reddit
You're example is preposterous and ridiculous and is not what would happen lot anywhere. At worst, locks would simply be added after the fact.
But do you even know what an architect does?
wrincewind@reddit
Yes, my example is preposterous and ridiculous. It could never happen, and any attempts to do so would be laughed out of the room.
But when a program is designed along the same lines, "security last", it's just... Accepted. No-one understands, no-one cares.
Yes, locks could be added after the fact, in the same way that security can be added after the fact, but that doesn't undo the damage caused by the initial negligence.
I feel you're spending too much time looking at my metaphor and not enough time looking at the issue I'm trying to highlight, here.
FarmboyJustice@reddit
I highly doubt anything like this has ever actually happened. Architects are not solely responsible for every aspect of construction. And you don't need architectural drawings to install a lock on a door, any handyman can do this.
wrincewind@reddit
OK, maybe not the best phrasing - if a company built blocks of flats from a set of standard designs, and those designs specified that none of the doors into the flats had any locks on them, (and they somehow convinced people that this was just as secure as if they had regular locks), and then there was a spate of burglaries...
loozerr@reddit
It's a government database - is the original DBA from 80s criminal? Someone else down the line?
Natirs@reddit
The people who are claiming the brothers are not the real criminals are morally bankrupt and should probably not be working in IT. "Oh, it's not my fault this laptop wasn't in the inventory when it came home with me, it's the person who didn't inventory it properly." Same kind of ethics.
skorpiolt@reddit
Yeah… “hey this car was parked at the store with the keys in it.. mine now right? Jail the person that left the keys in it if you want to blame anyone here.” Ridiculous.
1z1z2x2x3c3c4v4v@reddit
Yours? No.
More Likely to be stolen? yes.
WHich is why every PSA says don't leave your car running at the store or a gas station.
We know there are criminals who just wait in the shadows for someone to leave a car running and leave. We know this.
Just as with plain-text passwords, we know hackers exist. Zero Trust assumes that attackers are already inside the network.
I blame the sysadmin more for not encrypting the data, and management for not independently auditing the systems for compliance. Then I blame the criminal for the use of those passwords.
Wise_Guitar2059@reddit
Ikr. People saying yes are out of touch with reality. The person configuring was negligent but not to extent of the one was using it for malicious reasons.
zakabog@reddit
It was a tongue in cheek remark but this poor design is just as bad as being negligent with payment information and should be equally as illegal, obviously these guys broke the law by stealing user credentials but there's no reason in this century to store credentials as plaintext.
FarmboyJustice@reddit
Oh boy, this is gonna end well. Prisons will be full of first year IS students and vibe coders.
zakabog@reddit
You don't go to prison for poorly implemented payment info protection, you pay hefty fines and are open to major lawsuits.
FarmboyJustice@reddit
Something something tongue in cheek remark mumble.
Wise_Guitar2059@reddit
The argument is that one is more blameworthy than other. That’s all. The punishment by law will be different. But I see that you want equal punishment for both which is your prerogative.
zakabog@reddit
That's not at all what I suggested, the penalty for storing payment credentials insecurely is a fine, do you understand what tongue in cheek means?
charleswj@reddit
Even after you specifically say it's tongue in cheek 😂
charleswj@reddit
How do you survive in life taking everything literally, Sheldon?
Tymanthius@reddit
Both can be true.
I personally think that intentionally causing harm is worse than not realizing you are. But storing passwords as plain text is not 'misconfiguration' that's negligence in this day. It's an active cause of harm because they didn't check.
It's one thing of a site goes live and has PT passwords, then they fix it the next day/week. But this was going on how long? That's like car manufacturer forgetting to install the required air bags in a car. Negligence.
skorpiolt@reddit
It’s not like that at all, sorry that’s just a shit example. Anyone can set up a db and go on with their life. Not anyone can build a car and skip QC or skip government requirements.
Extras@reddit
Yes absolutely, pure negligence to have a system that runs with plain text passwords.
Code-Useful@reddit
If that negligence caused people's deaths or other massive losses they would certainly have another answer. So to me the outcome in this circumstance doesn't change the negligence level.
charleswj@reddit
Intent to donate thing is considered much more harshly than lack of intent. It's actually relatively rare to be criminally liable for an unintentional act, especially when it's far removed from the eventual harm.
SnooCupcakes4075@reddit
Just remember that the answers you're getting come from across the world. Many/most probably from places where freedom is a gift from rulers and governments and not recognized a native to the human condition. I agree that the "well what was she wearing" defense doesn't apply in assault cases and the people that did wrong were the ones that did wrong here as well, regardless of the (non-criminal.....some of you are fricking obtuse, c'mon, try to prove that in court) level of "wtf were you thinking" that is deserved here.
Also, why am I not surprised this was a government system.......
Sh1rvallah@reddit
These people are head up their own ass morons.
Fantastic-Shirt6037@reddit
Yeah what a ridiculous thing to say
rassawyer@reddit
Yes
FullTie7145@reddit
I would propose instead of
say
Longer? Yes. But not too long, and a lot clearer.
zakabog@reddit
That reads like they were fired, then stole credentials and wiped the databases.
MalwareDork@reddit
It's a goobered article but holy crap those guys are some serious grifters and conmen. They had more red flags than a Soviet parade.
And the best part is they got hired over someone else that wasn't a complete trainwreck.
LakeVermilionDreams@reddit
Sure, if you don't know how semicolons work.
zakabog@reddit
So basically a headline that wouldn't make sense to 90% of the US population, or anyone that briefly skimmed it on a mobile device and missed the semicolon?
shakygator@reddit
pretty sure semicolons are meant for a related statement. but i agree with you that it seems like they stole them then used the stolen creds to wipe DBs
FarmboyJustice@reddit
Twin brothers wipe 96 government databases minutes after being fired for stealing credentials.
zakabog@reddit
Perfection.
Zlayr@reddit
Journalistic integrity? In THIS economy?
Curious_Designer_248@reddit
🎯 🎯 🎯
Zathrus1@reddit
They weren’t necessarily plain text. Could have just been a reversible cipher.
But it’s still unacceptable in this day and age.
charleswj@reddit
Same thing
farva_06@reddit
Starting to make a bit more sense.
phouchg0@reddit
Ya, someone flunked Infosec 101
Firecracker048@reddit
in 2025 no less having an unencrypted database
brontide@reddit
Were they stored in plain text in the database or were they intercepting it? Poorly designed ( or intentionally ) they may be clear text in flight and easy for people that run the site to redirect if they wanted to.
Mastersord@reddit
Which is likely the same guys. They work for the organization that hosts these databases and at the very least know their way around them. They may have used plain text intentionally for this exact purpose.
Alternative-Emu9189@reddit
I was going to say I was surprised if Ars of all places left out info, if anything their articles are often a bit long.
shimoheihei2@reddit
Also sounds like a lack of proper segregation of duty. Why did these people have such broad access.
ms6615@reddit
Our entire method of government lately is “cheaper and smaller and more efficient” which means fewer employees doing more than they should be. Sometimes that’s bad for the employee, sometimes it’s bad for everyone else.
desterion@reddit
In my agency things are still rather compartmented. I've got less access to things than I used to and there isn't anyone that has the keys to the kingdom. There are guys that will have unrestricted access but only to a certain part. I can't even imagine someone having access to so many DBs even though our IT overall has shrunk.
boli99@reddit
i dont think efficiency is a target
more like 'cheaper and smaller, and less able to spot grift or do anything about it'
Destrae@reddit
yes but not encrypting the password table is crazy
Firecracker048@reddit
that contractor dropped the ball HARD on the hiring process
charleswj@reddit
The gov really dropped the ball. We have a whole vetting process that would have found this. A criminal background is not a showstopper for a clearance, but this is unfathomable
gihutgishuiruv@reddit
Remember when Mark Zuckerberg did this to a bunch of journalists and got to become a billionaire
ChrisC1234@reddit
I disagree. The problem was that hiring process. These two should never have been hired to begin with.
420GB@reddit
Please don't use AI to write reddit posts
jmbpiano@reddit
OP literally copy/pasted the top three paragraphs of the article and added a link. What on earth makes you think they needed AI to do that?
420GB@reddit
I didn't click on the article link because I had decided I don't care about the story after all, but if that's the case then the article is written or re-written by AI and OP should have formatted the paragraphs as a
HectorBeSprouted@reddit
If you care enough to comment, you should care enough to read. The article is not written by AI.
420GB@reddit
I read OPs post, which as it turns out is part of the article. What I read made me lose interest. That's completely fair.
How do you know the article isn't written or re-written by AI?
ninjaluvr@reddit
That ship has sailed. Real human interaction is becoming a thing of the past online.
Bluetooth_Sandwich@reddit
becoming? My brother bot it's been here, especially on a site like reddit.
boli99@reddit
thats exactly what a bot would say
ninjaluvr@reddit
Beep boop bop
Joy2b@reddit
I’d also accept it if they would clearly label them. If they’re coming at things with only a half reading of an article, they clearly need the feedback from people.
aCLTeng@reddit
I'm sure their employer was supposed to be CMMC level 2. Guess we know who didn't follow their compliance docs!
CheeksMcGillicuddy@reddit
Them and 90% of the rest of government contractors. Nov 10 onward will be an interesting time
F0rkbombz@reddit
This. My company audits ourselves against NIST 800-53 internally and while it’s not the heaviest of lifts, I call bullshit on these tiny govt contractors that all claim to meet the requirements for the various govt regulations.
Glittering-Fix360@reddit
I worked for one of these contractors in manufacturing... My whole time there was fighting with leadership saying "We'll fail the audit without this" and their response to me was always "Well, we just tell them we're a small company and we will be fine". In my 2 years there we failed every internal audit, and only had one government audit where the auditors left pissed as hell. By far the most stressful job I've ever had because if they pulled that program hundreds of people would have lost their jobs and leadership didn't give a fuck.
Fratil@reddit
The issue is they let these companies self-attest and the auditors don't chase down specifics as long as something plausible is provided as evidence.
Lots of time the IT people at these smaller places don't even realize how far out of compliance they are.
aCLTeng@reddit
100%. if you're not mostly compliant at this point or a very small org, you're toast.
OkAssistance7072@reddit
I interviewed for at a contactor that was going through the CMMC process and had two months to get it done to fulfill their contract. It was an inside position, but they hired and MSP to help. They weren't even close it was a mess and one of the first questions from the "tech guy" was "do you know anything about .. what was it... MFA?" I got an offer but didn't accept. I have a feeling they're gonna be one of the ones thats toast....
PXranger@reddit
How do you work in IT and not know what MFA is at this point?
Online banking must be a mystery to this guy also.
“My checkbook still works just fine!”
OkAssistance7072@reddit
He wasn't actually an IT guy, he was a "coder" that worked on cnc machines so they thought he could do IT until the gap was filled.
uhateonhaters@reddit
What happens after Nov 10?
Rhombico@reddit
https://dodcio.defense.gov/CMMC/About/
CMMC level 2 starts requiring certifications (which are very expensive and time consuming to get)
monsieurR0b0@reddit
This is why I already have a script that runs every day and will wipe everything unless I stop it. When they fire me I won't have the access to stop it
vabello@reddit
The term is dead man's switch.
badbob001@reddit
And of course the script needs to wipe out all existence of itself.
_haha_oh_wow_@reddit
Crazy that they didn't revoke their credentials before they fired them.
RevLoveJoy@reddit
The real story is the state of hiring practices at government contractors with PII access. They hired people who had done prison time for fraud. Convicted felons. They hired convicted felons and gave them root on our data. If that is the normal kind of oversight at government contractors, I suspect its time for a big audit that ends with lots of criminal charges.
XB_Demon1337@reddit
Government
Audit
Surely you jest.
rywi2@reddit
“We have investigated ourselves and found we’ve done nothing wrong.” \~The Government (usually)
RevLoveJoy@reddit
I mean you're both not wrong - but it would be a case of gov't investigating private business. Which is invariably political... so yeah, probably won't happen without, I dunno, public outrage.
techster79@reddit
How did they hold a SECRET clearance? How are passwords in plaintext? How are they still running Windows Server 2012?
Sandman0@reddit
Because government.
Remember kids, more government is ***never*** the answer.
RCG73@reddit
Little Bobby Droptables
MetalEnthusiast83@reddit
Cool way to turn losing a job (which is a temporary setback) into a crime that will make finding a new job almost impossible!
Generico300@reddit
I mean, if a prison stint for computer and wire fraud didn't make it impossible, neither will this.
Grizknot@reddit
just btw, they were fired bec they were caught stealing credentials from an unsecured db their company hosted. they were likely gonna end up in prison anyway.
banker_bwoyee@reddit
Exactly. They got caught twice. We dont know if thats the end of the list. A 10 year break between crimes?
Sebekiz@reddit
They had already been convicted previously on wire fraud via a computer and still managed to finagle their way into a new job. Obviously some companies do not do enough when checking the background of new hires.
egg1st@reddit
How on earth does a company have sys admin level access to government databases and have no employment background screening?
Generico300@reddit
The same way they store plain text passwords in a government database. By being ridiculously incompetent and apathetic.
Bluetooth_Sandwich@reddit
They prompted Grok nicely to gain access? (jk, but not jk)
Penultimate-anon@reddit
Welcome to the wonderful world of contracting.
nut-sack@reddit
how do they have sys admin level access and not know SQL and how to clear the logs? Or even knowledge that asking an LLM will be logged lol
charleswj@reddit
I have access to systems that I don't necessarily know everything about. It's preposterous to assume or expect otherwise.
If you're an architect for a large system and your background is software development, you may have rights to each individual system, but not know a lot about clearing logs for SQL (even if you know for Oracle) or Windows. It's not something you'd normally have done.
XB_Demon1337@reddit
Yea the folks harping on him googling commands he doesn't remember or know in this thread is quite hilarious. I wager every one of use googles at least one thing we either forgot or didn't know about something we use every day. So why are these two catching flak for the same things we do.
XB_Demon1337@reddit
We google shit all the time we don't do on a daily basis. How often do you clear the logs out of pretty much any system? Pretty rarely. Logs are important to our jobs, so we delete them ONLY when it is highly needed.
He had enough intelligence to make database modifications on the fly. Tells me the log command just wasn't top of mind due to lack of need to use it.
Sk1rm1sh@reddit
Their recruiter probably interviewed ChatGPT by proxy.
uzlonewolf@reddit
The interviewer was probably also ChatGPT, so...
Baxmoke@reddit
lmao
robreddity@reddit
How do these assholes pass a background check? Let alone for a government contractor?
adx931@reddit
They probably agreed to work for 10% less pay.
octahexxer@reddit
This is why we need more Ai instead of human workers, they are more effective and would have wiped all databases before they got fired.
XB_Demon1337@reddit
Not for lack of trying, he got 96 of them by hand jamming the commands. He had plenty of time to keep going as it took 3 weeks to get them.
octahexxer@reddit
Yes but the Ai would have wiped every database in america
reactor4@reddit
How did these guys get hired in the first place? "Muneeb and Sohaib Akhter, now both 34, had been in trouble before. Back in 2015, the brothers pled guilty in Virginia to a scheme involving wire fraud and computers. Muneeb was sentenced to three years in prison, while Sohaib got two." WTF>
deonteguy@reddit
How are Punjabis being allowed access to US government systems? And why were they still herre after leaving prison?
SpiceIslander2001@reddit
"Shortly afterward, he queried the tool “how do you clear all event and application logs from Microsoft windows server 2012,” prosecutors said."
Windows Server 2012?
deonteguy@reddit
We still run that a lot because it's the least unreliable version we've tested, by far. Some of our Windows code is over thirty years old so that might be one reason.
DharmaPolice@reddit
That surprises you?
Pleasant-Seat9884@reddit
Not even Windows Server 2012 R2 :\
ApiceOfToast@reddit
They needed the 32 bit support :/
RestartRebootRetire@reddit
Are there nerd gangs in federal prison?
XB_Demon1337@reddit
Yes/No. Not like what you think no. But certainly guys who can do some fun stuff helping other inmates for various things.
My brother did all the taxes for the guys in his block (like 20 dudes) and never had any issues.
RestartRebootRetire@reddit
The Shawshank Redemption!
XB_Demon1337@reddit
Not exactly the same, but yea similar idea. They just left him alone because he was smart enough to do certain things they didn't know anything about. He helped one guys wife setup an LLC for her business and a few other things. He told me years ago, but I was only half listening.
RestartRebootRetire@reddit
My uncle was an artist and the block leaders loved when he drew flattering portraits of them so he actually got protection, although part of that was his older age too.
XB_Demon1337@reddit
Age is a huge factor for a bunch of them. Kinda odd to see criminals with a code some times lol.
matt95110@reddit
I would ask how they got jobs in the federal government with criminal records but I guess if a certain someone can do it….
Charming-Medium4248@reddit
We had someone working in a cleared space that was a bonafide counterintelligence risk. He got fired from his last job due to it but the subcontractor never reported the issues up the proper chain. His clearance was never pulled and he just went on his way.
It happens more than you think.
matt95110@reddit
I worked in a retail environment during the pandemic and management got so desperate for new staff they waived the criminal background check for the first time in 30 years. It went about as well as you expected.
deonteguy@reddit
We had the opposite experience. We wrongfully rejected too many applicants like myself because Intelius is such crap. Fortunately, at the time I worked in the same office building in Bellevue, WA and knew several people there so I was able to communicate with my potential employer and my current employer was willing to revisit their decision.
There's pages and pages of incorrect data about me still on Intelius.
Nearby_Impact_8911@reddit
Horrifying
Bluetooth_Sandwich@reddit
Don't let your dreams be dreams...
KerryBoehm@reddit
Nowadays you hope the person you hired is who shows up on the first day
Unlikely_Total9374@reddit
Funniest part is that they're using Windows Server 2012 lmao
K_Rocc@reddit
So are they going to prison now?…
deviltrombone@reddit
So Krazy Eyes Kash wasn't overreacting!
Coupe368@reddit
Clearly a network security team was not in the budget.
Headcount for network security was never necessary before.
Why would we need that?
That's too expensive.
korvolga@reddit
Network security has nothing to do with this.
nut-sack@reddit
Sure it does. Audit logs get shipped to a central location, and scanned. The string "drop table" should probably pop a flag somewhere.
I've gotten messages from our internal security team asking for more context on what i was working on because they saw something suspect.
One time it was messing with a cert on a box. Another they were asking why a specific process looked a certain way(i detached it in a weird way, so i could log out).
HilarySwankIsNotHot@reddit
Just because logs get shipped somewhere doesn't make it network security... That's just itsec.
Bluetooth_Sandwich@reddit
tomato tomato
Coupe368@reddit
Sounds just like management who has absolute no clue what network security actually does.
djgizmo@reddit
process wasn’t followed. rofl. automate the term process and be done.
StateOfAmerica@reddit
as a sysadmin: pls dont
as a fellow slave to the shareholder value: pls do
Bluetooth_Sandwich@reddit
the duality of man
TacticalSniper@reddit
Don't forget that this will not hurt the people you're hoping will get hurt and will hurt people you don't want to get hurt.
XB_Demon1337@reddit
That depends on a bunch of factors. Certainly the IT team will have a crash course in restoring all the backups. But how much down time it caused can really take the piss out of a company's image or revenue.
gangaskan@reddit
Yep.
Hope they had good backups lol.
Still a bitch and a quarter to restore that many databases
HilarySwankIsNotHot@reddit
They even mentioned as they were wiping the databases "Muneeb noted that an employee they knew would “have some work to do” when the destruction was revealed.", but something tells me these dudes couldn't care less about who they hurt along the way.
WalkingSucculent@reddit
I dont have Reddit money to give you an award, but this comment deserve it
Tangential_Diversion@reddit
Nah fuck these guys. I'm usually on the side of the regular guy against big corporations. These losers though abused their access to fed DBs to steal identities of regular people and PW spray + compromise their personal accounts, including email addresses.
These guys should get the book thrown at them and beaten. I have absolutely zero empathy for them having dealt with this shit targeting my parents in the past.
Bubby_Mang@reddit
How to clear sql logs, what a noob.
XB_Demon1337@reddit
So you never google any commands for anything ever?
Podalirius@reddit
Those dudes should've never been hired in the first place it seems.
williamp114@reddit
Is it not normal in other countries to disable access immediately once a termination is made official?
XB_Demon1337@reddit
Read the article.
texan01@reddit
It’s normal if HR follows protocol. HR isn’t the best at communicating that though.
flsingleguy@reddit
What about backups? I work for a municipal government with 200 users so we are not big. If someone deleted SQL databases I could restore from Veeam on premise and cloud. I think I have around 170 restore points to choose from as well.
XB_Demon1337@reddit
Read the article.
They had backups and the guys knew that. They just wanted to cause a metric fuck ton of damage by way of lost man hours fixing the mess that was created.
Absolute_Bob@reddit
Too bad they weren't in charge of student loans.
0fficerRando@reddit
And one of their names was Robert'); DROP TABLE STUDENTS;--
XB_Demon1337@reddit
Little Bobby Tables we call him.
Nearby_Impact_8911@reddit
Exactly! Between that and all the hacking going on not one hacker has been like lemme do some good in the world lol
Absolute_Bob@reddit
"Hacking/Phreaking" started out really innocent, just people interested in how things worked and not doing anything bad with it. Hactivisim generally always sucked, it's a shame it turned out to be so profitable that the baddies of the world adopted it. I was around for some of the original BBS stuff, I really miss it.
PostingToPassTime@reddit
From that article linked, it indicated they deleted databases with "investigative files and records related to Freedom of Information Act matters". I would think CJIS clearance would be required to access the sensitive information, and there is no way they had CJIS clearance with a prior criminal history related to computer crimes.
Trip-Trip-Trip@reddit
The policy of revoking access that way does not account for timed deletion script that need periodic postponing. You know, dead mans switch style.
lilhotdog@reddit
Love that they don't name the contractor, probably a big H1B mill providing this kind of top-notch tech talent to the US gov.
Grizknot@reddit
wow, public access clearence background check really isn't anything huh
SourCreamSplatter@reddit
Nice. Fuck the government.
Gullible-Surround486@reddit
Firing before access revokes is one thing, but wiping 96 DBs minutes later is straight up BOFH crimes.
Adept_Strategy_9545@reddit
I’ll get downvoted to hell but this is also why when family works together, you fire them together. Place I used to work, we fired husband (for a pretty serious reason). Wife still worked there so she used her badge to let him back in and they went on a rampage in our warehouse.
Flying-T@reddit (OP)
Rightfully illegal in a civilized country
ifq29311@reddit
spirit of BOFH has been awakened
200kWJ@reddit
The blame goes to his pimply-faced youth assistant
BadSausageFactory@reddit
BOFH would never leave such evidence. EMP is much cleaner.
bi_polar2bear@reddit
The ISSM at DHS definitely didn't follow the STiG checklist. Apparently DHS isn't good stewards of our tax dollars and doesn't follow any federal guidelines on software security.
HayabusaJack@reddit
A couple of jobs back, there were quarterly layoffs for 4 years. You could learn of it by checking your back account as you’d get a check out of the blue.
But at least one person was in the middle of talking in an incident and HR and building security stepped in and escorted him out of the building.
Nonaveragemonkey@reddit
The middle or HR discussion must have been interesting lol
HayabusaJack@reddit
I think the, “so what do you think of [company]?” Exit interview might have been interesting as well.
Sk1rm1sh@reddit
B1naryD1git@reddit
Legends
Miserable-Scholar215@reddit
"Should have paid us a living wage..." moment there
danstermeister@reddit
They are bona fide criminals.
bukkithedd@reddit
I mean, it's completely on par when it comes to incompetence, so....yeah.
lulz
Lord_Pinhead@reddit
Hihi, good job, now you have to pay someone to restore the crap