eDiscovery Daily Blog

• May 18, 2016

A former IT administrator pled not guilty earlier this month to federal charges of hacking into the computer system of Blue Stone Strategy Group – an Irvine-based company and the man’s former employer – and deleting files.

As announced by the U.S. Attorney’s Office in California, Nikishna Polequaptewa, 34, surrendered to federal employees after being indicted by a federal grand jury in March on one count of unauthorized impairment of a protected computer. At his arraignment, he entered a not guilty plea, was ordered released on a $25,000 bond and was ordered to stand trial on June 28.

“IT administrators often hold the ‘keys to the kingdom’ for companies,” said United States Attorney Eileen M. Decker. “Disgruntled IT administrators can therefore pose a grave threat to businesses, which must take measures to protect themselves when letting such an employee go.”

According to the indictment, Blue Stone provided consulting services to Native American tribal governments throughout the United States. Polequaptewa was responsible for information technology at Blue Stone until November 2014, when he was relieved of his duties, which led to his resignation. The indictment states that Polequaptewa repeatedly accessed the Blue Stone internal server, a desktop computer, and remote accounts held by Blue Stone immediately following his resignation, and allegedly deleted various files belonging to the company.  The computer hacking charge in the indictment carries a statutory maximum penalty of 20 years in federal prison.

Of course, as the announcement notes, “[e]very defendant is presumed to be innocent until and unless proven guilty in court”.  Nonetheless, as US Attorney Decker points out, organizations need to have a plan in place for protecting themselves that at least includes closing accounts and changing credentials when key IT personnel leave the company.

So, what do you think?  Does your organization have a plan in place to lock down access when IT personnel leave?  Please share any comments you might have or if you’d like to know more about a particular topic.

Thanks to Peter S. Vogel’s Internet, Information Technology & e-Discovery Blog for the tip!

Just a reminder that I will be moderating a panel at The Masters Conference Windy City Cybersecurity, Social Media and eDiscovery event next Tuesday, May 24 (we covered it here) as part of a full day of educational sessions covering a wide range of topics.  CloudNine will be sponsoring that session, titled Faster, Cheaper, Better: How Automation is Revolutionizing eDiscovery at 4:15.  Click here to register for the conference.  If you’re a non-vendor, the cost is only $100 to attend for the full day!

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.