The case underscores the critical security risks posed by disgruntled insiders with administrative access and highlights the importance of robust access controls and monitoring systems.
Maxwell Schultz of Columbus, Ohio, was terminated from his contract IT position on May 14, 2021. Within days of his firing, Schultz executed a coordinated attack that leveraged his technical knowledge and insider access.
He impersonated another contractor to obtain legitimate login credentials, then deployed a PowerShell script that reset approximately 2,500 passwords across the organization.
This mass credential reset effectively locked thousands of employees and contractors out of their systems nationwide, crippling business operations.
Beyond the credential reset, Schultz actively worked to conceal his malicious activities by searching for methods to delete system logs, PowerShell event logs, and clear multiple critical system logs.
This cover-up attempt demonstrates a sophisticated understanding of forensic investigation and log retention mechanisms.
The cumulative damage from the attack resulted in over $862,000 in measurable losses, including employee downtime, customer service disruptions, and extensive labor costs to restore network functionality and security.
As part of his guilty plea to computer fraud charges, Schultz explicitly admitted to conducting the attack in direct retaliation for his termination.
U.S. District Judge Lee Rosenthal will impose sentencing on January 30, 2026, at which time Schultz faces up to 10 years in federal prison and a possible maximum fine of $250,000.
The case was investigated by the FBI, with prosecution handled by U.S. Assistant Attorneys Rodolfo Ramirez and Michael Chu.
This incident reinforces the critical importance of implementing comprehensive insider threat programs, including immediate revocation of system access upon employee termination, enhanced monitoring of administrative activities, and robust audit logging with immutable retention policies.
Find this Story Interesting! Follow us on Google News, LinkedIn and X to Get More Instant Updates
The post Fired Techie Admits Hacking Employer’s Network in Retaliation for Termination appeared first on Cyber Security News.
A jump starter is an essential part of car's emergency kit and you don't need…
ANY.RUN, a leading provider of interactive malware analysis and threat intelligence solutions, has recently observed a surge…
Microsoft has released an out-of-band hotpatch, KB5084897, addressing a critical Bluetooth device visibility issue impacting…
Microsoft has announced the release of an AI-powered troubleshooting capability for Microsoft Purview Data Lifecycle…
Illinois Senate Bill 3104 aims to make it easier for residents, including renters and condominium…
The first trailer for Dune: Part 3 has arrived, and it gives us our best…
This website uses cookies.