Ex-Gucci techie fingered for VPN raids

A former Gucci network engineer has been accused of executing devastating attacks on the fashion retailer’s IT infrastructure after being fired.  

Credit: Gucci USA.

The Manhattan District Attorney’s (DA) office announced on Monday it had indicted 34 year-old Sam Yin for launching the raids on Gucci after being fired in May last year.  

While still employed at Gucci, he had created a fake identity for an inactive virtual private network (VPN) token. Yin kept the token after leaving Gucci and was able to gain remote access to its systems after allegedly conning Gucci’s IT department into activating it.

During the first round of attacks in the months after June, Yin knocked out Gucci’s email for 24 hours and destroyed emails and documents, according to Manhattan DA, Cyrus Vance.  

Then in November the former Gucci network engineer deleted several virtual servers and shut down its storage area network, blocking staff access to all files saved on it.

Yin was also accused of deleting Gucci’s corporate mailboxes, which knocked out email for its corporate, retail store managers and e-commerce sales team.

He faces a 50 count indictment, with the most serious charge of computer tampering punishable by a maximum 15 year jail term. 

“I think the message we should all learn from this sorry case is the importance of reviewing your user database and removing unknowns, changing passwords and resetting access rights when a member of your staff leaves your employment,” said Sophos consultant Graham Cluley.