Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
A former Gucci network engineer has been accused of executing devastating attacks on the fashion retailer’s IT infrastructure after being fired.
The Manhattan District Attorney’s (DA) office announced on Monday it had indicted 34 year-old Sam Yin for launching the raids on Gucci after being fired in May last year.
While still employed at Gucci, he had created a fake identity for an inactive virtual private network (VPN) token. Yin kept the token after leaving Gucci and was able to gain remote access to its systems after allegedly conning Gucci’s IT department into activating it.
During the first round of attacks in the months after June, Yin knocked out Gucci’s email for 24 hours and destroyed emails and documents, according to Manhattan DA, Cyrus Vance.
Then in November the former Gucci network engineer deleted several virtual servers and shut down its storage area network, blocking staff access to all files saved on it.
Yin was also accused of deleting Gucci’s corporate mailboxes, which knocked out email for its corporate, retail store managers and e-commerce sales team.
He faces a 50 count indictment, with the most serious charge of computer tampering punishable by a maximum 15 year jail term.
“I think the message we should all learn from this sorry case is the importance of reviewing your user database and removing unknowns, changing passwords and resetting access rights when a member of your staff leaves your employment,” said Sophos consultant Graham Cluley.
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.