In short, a 7-year employee of a $250 million retailer located in Pennsylvania (who shall remain nameless) created and operated a bogus storefront to sell more than half a million dollars' worth of Microsoft, Adobe and SAP software to his oblivious employer. The scam began to unravel when the company received a call from the BSA, informing them of licensing disparities that suggested pirated software was in use. As it turns out, Microsoft had traced the sale of illegal software back to the above-mentioned sys admin, which apparently set off the investigation in the first place. To make matters worse, this enterprising chap turned out to be the only person at the entire company who held the administrative passwords to critical systems such as the network router, firewall and switches, the corporate VPN, the email server, Windows AD and desktops, and more. Because of the obvious retaliatory damage the sys admin could bring upon the company if not confronted carefully, the firm hired a security consultant who designed an elaborate sting operation that would have made even Dragnet’s Sergeant Joe Friday proud.
In retrospect, there were a number of dubious things this guy was doing that should have raised a few eyebrows internally, if not set off a full-blown Code Red. But how could the person to whom you’re willing to entrust all your administrative passwords be the sort of guy you might just as easily find cookin’ the books for Bernie Madoff? (Yes, that’s a rhetorical question.)
Read the whole story here, along with other stories of IT professionals going rogue.