Ex-Gucci techie fingered for VPN raids

By

Accused of causing over $200,000 damage.

A former Gucci network engineer has been accused of executing devastating attacks on the fashion retailer’s IT infrastructure after being fired.  

Ex-Gucci techie fingered for VPN raids
Credit: Gucci USA.

The Manhattan District Attorney’s (DA) office announced on Monday it had indicted 34 year-old Sam Yin for launching the raids on Gucci after being fired in May last year.  

While still employed at Gucci, he had created a fake identity for an inactive virtual private network (VPN) token. Yin kept the token after leaving Gucci and was able to gain remote access to its systems after allegedly conning Gucci’s IT department into activating it.

During the first round of attacks in the months after June, Yin knocked out Gucci’s email for 24 hours and destroyed emails and documents, according to Manhattan DA, Cyrus Vance.  

Then in November the former Gucci network engineer deleted several virtual servers and shut down its storage area network, blocking staff access to all files saved on it.

Yin was also accused of deleting Gucci’s corporate mailboxes, which knocked out email for its corporate, retail store managers and e-commerce sales team.

He faces a 50 count indictment, with the most serious charge of computer tampering punishable by a maximum 15 year jail term. 

I think the message we should all learn from this sorry case is the importance of reviewing your user database and removing unknowns, changing passwords and resetting access rights when a member of your staff leaves your employment,” said Sophos consultant Graham Cluley. 

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:

Most Read Articles

CBA looks to GenAI to assist 1200 'security champions'

CBA looks to GenAI to assist 1200 'security champions'

NSW Police to embark on $126m IT overhaul

NSW Police to embark on $126m IT overhaul

Australia's super funds told to assess authentication controls

Australia's super funds told to assess authentication controls

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound

Log In

  |  Forgot your password?