It’s a classic suspense story – Man finds city job in computers. Man works there for 5 years. Man has a huge amount of data responsibility. Man is threatened to be fired. Man creates a password granting him exclusive access to the city IT system.
This Story Is Actually True…
Terry Childs, a 43-year-old computer network administrator has been charged with 4 counts of computer tampering and is on $5 million bail. He was working for the Department of Technology where he had direct access to officials’ e-mails, payroll, confidential documents and jail inmates’ bookings. When he understood that his job was at risk, he started tracking administrator’s comments on his job performance by setting up a tracing system. Then Terry Childs brought San Francisco’s multi-million dollar computer network to its knees by altering password access and preventing top administrators rights to the network.
And It Gets Better
The only person with the password is Terry Childs himself. And he is not telling.
Password security doesn’t have to be limited to tales of horror hacking. Sometimes your password, or in this case the San Francisco’s Department of Technology’s passwords, can be stolen/changed by the guy you share a coffee with every morning. But the question is – could this have been prevented (giving Terry less or no access to other’s passwords) and more importantly, will it be prevented in the future?