Ex-Employee Wiped Financial Data While At Bikini Bar
By Robert McMillan
At the Bikinis Sports Bar and Grill in Austin, Texas, you can get burgers and beer served to you by cute waitresses wearing denim shorts and bikini tops. And if you’re David Palmer, a recently fired IT worker, you can also break into a U.S. military contractor’s computer systems and wipe out payroll files, wreaking havoc at its customers.
That’s exactly what Palmer did on Jan. 21, 2010. Angry that his former employer, McLane Advanced Technologies, had fired him and then refused to help him with an unemployment benefits claim he’d made to the Texas Workforce Commission, Palmer broke into McLane’s systems and deleted payroll files belonging to Lone Star Plastics, a McLane customer that makes polyethylene bags and can-liners. He also broke into a second McLane customer, Capstone Mechanical.
“The only reason for logging into any of these servers was to create general havoc and disorder for McLane Advanced Technologies the following day,” Palmer told investigators, according to court records.
The plan worked. When employees at Lone Star Plastics’ Prattville, Alabama, facility tried to punch in on the 21st, they discovered that the McLane server that hosted their punch clock software and payroll records had shut down. Two days later, McLane Advanced Technologies contacted the U.S. Secret Service, reporting that it had been hacked.
Palmer, formerly an IT administrator with the company, pleaded guilty to computer intrusion charges Thursday in U.S. District Court for the Western District of Texas. He’s set to be sentenced on Nov. 2.
Prosecutors say that Palmer set up a back-door user account entitled “Palmer Lt” before being terminated by McLane at the end of 2009. That account was used to break into the Lone Star Plastics computer and was linked to other intrusions at McLane. Palmer had logged into it from a variety of locations, including his home address in Temple, Texas; Bikinis Sports Bar and Grill; and Buffalo Wild Wings in Waco, Texas.
Disgruntled ex-employees seem to think they can cover their tracks by logging into their former employers from restaurant Wi-Fi networks. Two weeks ago a former IT staffer at the U.S. subsidiary of Japanese drugmaker Shionogi pleaded guilty to similar charges. He had logged in from a McDonalds.
McLane Advanced Technologies sells supply chain management and IT services to the U.S. Department of Defense, state and local governments and large retailers such as Wal-Mart. The company did not return messages seeking comment.
Robert McMillan covers computer security and general technology breaking news for The IDG News Service. Follow Robert on Twitter at @bobmcmillan. Robert’s e-mail address is email@example.com