🟠High  | Source: The Register — Security
A former IT worker in Iowa was sentenced to 21 months in prison after sabotaging his old school district’s systems following his dismissal. He was caught after confiding in a former colleague who reported him to authorities. The case highlights the real-world consequences of inadequate offboarding procedures and the insider threat risk posed by disgruntled ex-employees.
Security Architect’s Take: Review and tighten your joiners-movers-leavers process immediately — all access, including service accounts, VPNs, and cloud IAM credentials, must be revoked on the day of termination, not days later. Implement privileged access monitoring and alerting to detect anomalous activity from accounts that should no longer be active.
Original advisory: Fired IT worker jailed for 21 months after sabotaging old school district