A former Gucci network engineer has been accused of breaking into the company’s computer system and deleting data.
The disgruntled ex-Gucci employee apparently accessed the network after his termination via a clandestine account created while still at the luxury retailer.
According to a 50-count indictment issued by the New York County District Attorney’s office, Chihlung Yin coded a VPN token using the name of a fictional employee which he took with him after being fired.
The network engineer then posed as the fictional employee when contacting Gucci’s IT department to request activation of the fob.
Once inside the system, Yin deleted a number of virtual servers, shut down storage areas and wiped corporate mailboxes.
“As a result, Gucci staff was unable to access any documents, files, or other materials saved anywhere on its network. Additionally, Yin’s destruction of data from the e-mail server cut off the e-mail access not only of corporate staff, but also of store managers across the country and the e-commerce sales team – resulting in thousands of dollars in lost sales,” the indictment claimed.
“Gucci’s IT staff was unable to restore system operations until the end of the business day, and the lingering effects of the intrusion continued to impose costs on the company in the weeks and months that followed.”
As Sophos security expert Graham Cluley notes, the case of the disgruntled Gucci hacker highlights the importance of reviewing user databases, removing unknowns, changing passwords and reseting access rights following the departure of a staff member.
“People do, of course, leave jobs all the time and most of them would never dream of logging back in to their old place of work to cause mischief,” he explained.
“But it only takes one disaffected former worker to wreak havoc – so make sure your defenses are in place, and that only authorized users can access your sensitive systems.”