Employee Terminated in Revenge Deletes Company Servers
COMPANY SERVERS – A former employee of National Computer Systems (NCS) in Singapore, became involved in a legal issue after his contract ended in October 2022. Despite working in NCS’s quality assurance team for computer systems, Kandula’s contract was not renewed due to what the company saw as poor performance. However, he continued working until November 16, 2022, which left him confused and upset about his termination, as he believed his work had been satisfactory.
After returning to India, Kandula made a surprising discovery: his login credentials for NCS’s systems were still active. With this access, he began planning revenge against his former employer. Using his roommate’s Wi-Fi, Kandula quietly accessed NCS’s servers starting from February 23, 2023. Over the following days, he used carefully developed scripts designed to delete all 180 test servers of NCS systematically.
Kandula’s actions had a significant impact, causing disruption and financial losses for NCS. The incident cost the company approximately 678,000 Singaporean dollars (about PHP 29.4 million) to resolve and restore operations, reassuring clients that no sensitive data was compromised.
Upon discovering the breach in March 2023, NCS promptly informed the authorities. Investigators traced the unauthorized access back to Kandula, who was identified through tracking his use of his roommate’s Wi-Fi. Authorities seized Kandula’s laptop, which contained evidence confirming his involvement in the server deletions. His internet search history also showed his research into creating scripts for deleting virtual servers.
In response to the incident, NCS acknowledged that the breach occurred because they did not promptly deactivate Kandula’s login credentials after terminating his employment. The company emphasized that it has since strengthened its monitoring and security measures for virtual servers to prevent similar incidents in the future.
In June 2024, the Singaporean court found Kandula guilty of unauthorized access to computer material. He was sentenced to two years and eight months in prison, highlighting the severe consequences of such cybercrimes. This case serves as a reminder of the importance of promptly deactivating access credentials and implementing strong cybersecurity measures to protect organizational assets from insider threats.