In a striking example of how poor post-termination procedures can spiral into chaos, a company in Singapore recently learned the hard way what can happen when IT access is not promptly revoked. The result? A disgruntled former employee wreaked havoc on its systems, leading to losses of €630,000 in virtual server assets.
The Fallout of a Mishandled Termination
In October 2022, NCS, a technology services provider, dismissed one of its engineers, Kandula Nagaraju, citing poor performance. However, Nagaraju believed his work had positively contributed to the company, and his resentment at being fired set the stage for a series of disastrous events.
NCS made a critical error: failing to revoke Nagaraju’s access to its virtual servers. This oversight allowed him to exploit his previous permissions and launch a devastating act of revenge. Over a series of unauthorized accesses, Nagaraju deleted 180 virtual servers—tools vital to the company’s software testing operations.
These servers, designed as “sandboxes” to test programs before release, didn’t hold sensitive data. However, their destruction severely disrupted NCS’s operations, resulting in damages exceeding €630,000.
A Calculated Act of Revenge
After his termination, Nagaraju returned to India. In January 2023, using his personal laptop, he accessed NCS systems six times without authorization. By February, he was back in Singapore, working for a new employer. While staying with a former colleague, Nagaraju used the shared Wi-Fi connection to continue his unauthorized activities.
Over the next three months, he meticulously planned his retaliation. Leveraging script snippets sourced online, Nagaraju developed a program designed to wipe out the virtual servers. When executed, this program erased all 180 servers, leaving NCS scrambling to recover.
An internal investigation traced the unauthorized access to Nagaraju’s laptop, where police later discovered the code responsible for the damage. This evidence led to his arrest and a subsequent legal battle.
Legal and Operational Repercussions
Nagaraju was convicted of unauthorized access and intentional damage to NCS’s systems. The Singaporean courts sentenced him to two years and eight months in prison, underscoring the severity of such acts of revenge in the digital age.
For NCS, the fallout extended beyond the financial loss. The incident highlighted vulnerabilities in their security protocols and damaged their reputation. It served as a stark reminder of the critical importance of robust IT governance, particularly during employee transitions.
A Wake-Up Call for Businesses Everywhere
The NCS incident underscores a simple but often overlooked principle: immediately revoking access rights is non-negotiable when an employee leaves. Whether intentional or not, leaving access credentials active creates a significant risk, not just for financial losses but also for operational disruptions and reputational harm.
As cybersecurity threats continue to grow, companies must ensure they have comprehensive offboarding processes in place. While the costs of these processes might seem like an inconvenience, the alternative—a costly breach—could be far worse. This case serves as a cautionary tale for organizations around the world: when it comes to protecting digital assets, there’s no room for error.