Fired New York credit union employee deletes 21GB of customer data in revenge
Whoever said revenge is sour could not have been off the mark as proved by Juliana Barile, a former employee of a New York credit union.
Over 20,000 documents axed within 40 minutes
Juliana pleaded guilty of accessing New York credit union’s computer systems without authorization and destroying over 21 gigabytes of data in revenge after being fired. She managed to delete over 20,000 documents within 40 minutes.
"In an act of revenge for being terminated, Barile surreptitiously accessed the computer system of her former employer, a New York Credit Union, and deleted mortgage loan applications and other sensitive information maintained on its file server," Acting U.S. Attorney Jacquelyn M. Kasulis said.
She previously worked remotely as a part-time employee for the credit union until May 19, 2021, when she was fired. The credit union’s information technology support firm made the greatest mistake of not disabling Barile’s remote access credentials. Two days later, on May 21, Barile logged on for roughly 40 minutes and deleted over 20,000 files and around 3,500 directories, totaling roughly 21.3 gigabytes of data stored on the bank’s share drive. Data including files related to customers’ mortgage loan applications and the financial institution’s anti-ransomware protection software all fell victim to the sour axe of vengence. She didnt stop there, she also opened various confidential Word documents, including files containing board minutes for the credit union.
"Five days later, on May 26, she also texted her friend narrating how she was able to destroy thousands of documents on her former employer’s servers, saying, "They didn’t revoke my access so I deleted p drift lol. [..] I deleted their shared network documents."
The New York credit union had backups of some of the deleted data, but it still had to spend more than $10,000 to restore the data destroyed by Barile.
"Ms. Barile may have thought she was getting back at her employer by deleting files, however she did just as much harm to customers," FBI Assistant Director-in-Charge Driscoll added.
"Her petty revenge not only created a huge security risk for the bank, but customers also depending on paperwork and approvals to pay for their homes were left scrambling.
"An insider threat can wreak just as much havoc, if not more, than an external criminal. The bank and customers are now faced with the tremendous headache of fixing one employee’s selfish actions."
The incident could have been averted
After Barile was fired, another employee asked the bank’s IT support firm to disable Barile’s remote access to the Credit Union’s computer system, but sadly that never happened.