An ex-First Republic Bank cloud engineer was sentenced to two years in prison for causing more than $220,000 in damage to his former employer's computer network after allegedly using his company-issued laptop to watch pornography.
Miklos Daniel Brody, 38, of San Francisco, pleaded guilty in April to two charges of violating the Computer Fraud and Abuse Act after obtaining information from and intentionally damaging a protected computer, and one charge of making false statements to a government agency.
In addition to spending two years behind bars, the judge ordered Brody to pay $529,266.
37 in restitution and serve three years of supervised release after he's out of jail.
Brody worked as a cloud engineer for First Republic Bank until March 11, 2020, when he was fired for violating company policy.
Earlier that month, the bank's infosec team received a notification that Brody had used one of his company-issued computers for non-work purposes, allegedly plugging multiple flash drives into the laptop, and downloading files, some of which contained pornography.
The following day, March 11, 2020 Brody sent a rambling email to the VP, according to court documents [PDF].
Those excuses did not work, and later that day, Brody was fired during another meeting with bank executives and escorted off the premises.
His bosses had asked him to bring his company-issued MacBook to the meeting, but he did not, so they told him to return it via mail.
Instead of doing that, Brody allegedly went home and that evening wreaked havoc on First Republic Bank's network in retaliation for getting canned, according to court documents.
After more than two hours before his credentials were revoked.
According to the bank's estimates, the total damage exceeded $220,000.
After discovering the digital break-in, the bank's HD department called Body and demanded he surrender his computer.
Over the next days and weeks, Brody allegedly came up with several more excuses as to why he couldn't return the bank-issued device, including filing a false police report with the San Francisco Police Department claiming the laptop had been stolen from his car while he was working out at the gym.
Brody then doubled down on that false allegation in statements he made to US Secret Service agents.
He later admitted making false statements about the company-issued laptop in his guilty plea.
At his sentencing hearing, the judge determined the total cost to the bank's systems was least $220,621.
It would have so much easier, and cheaper, to simply lock down the account as they left the building, but it seems some folks still haven't got that message.
This Cyber News was published on go.theregister.com. Publication date: Tue, 12 Dec 2023 20:13:04 +0000