> [Opexus] said that “the individuals responsible for hiring the twins are no longer employed by Opexus.”
Getting close to the classic Monty Python line: "Those responsible for sacking the people who have just been sacked, have been sacked."
Jokes aside, stuff like this sucks because I suspect many employers will take from it the most extreme, dehumanizing lessons, e.g.: (a) make firings [edit: including lay-offs] as abrupt as possible including terminating all access immediately, (b) never give second chances to anyone with any sort of criminal record (even say decades old marijuana possession or something).
I'd prefer a more balanced version: limit unilateral access to sensitive systems in general (not just of recently-fired employees), when someone is fired immediately shut off particularly sensitive credentials if they do exist (but not their general-purpose login/email account), avoid hiring people convicted of wire fraud as sysadmins, hash your @!#$ing passwords, etc.
Terminating access and rotating passwords (if needed) while the person is in the meeting but has not yet found out they are being let go has been SOP for at least the last 20 years.
Heh, a place where I worked some guy who left kept committing code for months (he went to work for a company we were a vendor for). Some of my teammates knew and just thought it was no big deal, he was fixing bugs and adding features.
The color the director turned when he found out!! Oh man.
My first task at my last job was removing access to an employee being let go. I had just gone through onboarding so I knew every (documented) service we needed to handle. We live tested it on my own accounts, measured the time before I noticed, and then proceeded to successfully go through the checklist.
Except not everything was properly documented, and it turned out the employee had given admin rights on some resources to a contractor which proceeded to wreak havoc on their behalf (the 'rm -rf' kind). Eh!
Amateurs. My employer does mass layoffs by terminating access to everything except their email account at 3am, and then sending an email to the victim saying “you were let go at 3am”. Managers get to figure out who’s left on their team by pinging everyone when they learn about it at work.
When you are talking about access like they had "make firings as abrupt as possible including terminating all access immediately" not doing this is incompetence. This is absolutely a standard and has to be for these kinds of positions. I've never worked anywhere where it wasn't for the majority of IT staff. You meet with HR, someone clears your desk, and security walks you out.
There is a middle ground, but it requires conscious effort to prop up, support, and maintain over the long haul: off-boarding centers.
I worked for a Big Tech company that actually did this, and it made the transition a lot easier. You could still access corporate resources necessary for the transition (HR, benefits, internal job postings, training offerings, expense reporting, etc), check in with colleagues 1:1 (who would be warned this person was no longer part of the org, attachments could be blocked to prevent exfil, etc), and still send/receive email internally (though external was blocked by default and required justification).
You can safeguard your corporate infrastructure without actually cutting everything off entirely and sending someone home to stew angrily about it. In fact, there might be (as yet undocumented) advantages to letting folks exist in that transition period on that segmented infrastructure, so as to identify potentially bad actors before they can do harm and see about mending bridges.
Of course all of that requires conscious investment in projects with no clear quarterly/yearly KPIs to measure cost or success against, so most employers will never remotely consider it.
> When you are talking about access like they had "make firings as abrupt as possible including terminating all access immediately" not doing this is incompetence.
You're proving my point—employers take the most extreme lesson and it's considered expected practice. They absolutely should have immediately terminated the credentials that granted unilateral access to sensitive databases. (Ideally those would never exist in the first place—there are two-person schemes. A pair of bad actors...well apparently happens according to this article...but is far more unusual.) But employers regularly (but shouldn't) terminate all access including credentials that allow last email to colleagues exchanging personal contact info or something.
If you don't trust your people so much, why hire them in the first place?
Looking at it from Europe - it is such a weird inhumane practice.
Someone decided your position is redundant. Okay, shit happens, economic downturn, etc. Then you have an extra 3-6 months of work to pass on your knowledge, train your replacement and document everything.
Yeah, but if your defense against somebody erasing a database is "we remove their access when they're fired" then your defense is garbage.
Like there's so many other attack vectors besides an upset ex-employee.. Like all those articles about NK employees who presumably are trying very hard not to be fired. Or employees using company provided insecure email software leaving them vulnerable to ransomware et al.
I suppose that's a very powerful way of preventing "accidents" on termination. But isn't that just theatre? I mean - as though termination is the one and only case where an employee with the power to destroy the company gets angry and might do something really stupid?!
The problem is that it's so challenging to figure out what the person actually has access to. Have they ever done an export with sensitive information that is now sitting on their local machine? Any important clients they are still in contact with over email that they may try to sabotage? Any other creative endeavors you haven't thought through?
The most foolproof way is just to nuke the computer in its entirety.
Privileged access should only be temporary in context of break glass with approval. People can go ballistic with core systems for reasons other than firing.
In the US, they'll terminate your access while you're on the Teams Meeting behind the scenes and if you have any gaps, issues, blips, or smudges in your resume it gets thrown into the recycle bin by some AI agent.
In an age of malicious agentic AI, this level of access is negligent. A lack of engineering controls preventing this from happening at all means that a simple phishing or supply chain attack could easily have resulted in the same outcome or worse.
Jokes aside, stuff like this sucks because I suspect many employers will take from it the most extreme, dehumanizing lessons, e.g.: (a) make firings [edit: including lay-offs] as abrupt as possible including terminating all access immediately
The employee is always the last to know. This is standard fare.
> a more balanced version: <bunch of weedy ACLs, judgement calls, liability/>
Too complicated and subjective, stinks of more risk.
Also, I don't think it's dehumanizing at all (having been on the receiving end of it way back when during a layoff, and involved in the process more times than I care to count). It's standard practice for involuntary terms at all companies we work with, whether the employee is IT or not. If a company is not doing this already, I'd encourage them to.
> Too complicated and subjective, stinks of more risk.
I actually think there's less risk, because it's not as narrowly focused on what a just-fired employee can do. That's not the only scenario of concern.
> Also, I don't think it's dehumanizing at all (having been on the receiving end of it way back when during a layoff, and involved in the process more times than I care to count).
Interesting. Thanks for the perspective. I've been fortunate enough to not be on the receiving end of a lay-off, knock on wood. It's happened to my teammates/reports though. Wasn't my decision. :-(
> On March 12, 2025, a search warrant was executed at Sohaib’s home in Alexandria. Agents grabbed plenty of tech gear but also turned up seven firearms and 370 rounds of .30 caliber ammunition. Given his former crimes, Sohaib should have had none of this.
For god's sake, don't commit crimes while you're committing crimes.
I was kind of hoping he sprinted out his back door which happened to be on a state line and then mailed his guns back to his house, just to try to cover everything.
In my region of the world a crackdown on street racing started a few years ago. It continued because each night the police stopped someone, there was at least one DUI and suspended license.
Unsurprisingly those who disregard traffic rules tend to equally disregard other rules.
I'm not a big "lock them up" guy, but seriously, people don't seem to understand how hard it is to actually get the state to put and keep you in jail. You have to do really, really bad things multiple times. The US prison population has been falling for over a decade now, and part of that is that everybody now faces pressure to not use incarceration as a first (or second or fifth) option.
I'm just amused how these people were even hired to begin with? They don't seem to be Americans? How were they even allowed to work on sensitive systems? Why was this even allowed? So many questions.
At 4:58 pm, he wiped out a Department of Homeland Security database using the command “DROP DATABASE dhsproddb.”
At 4:59 pm, he asked an AI tool, “How do i clear system logs from SQL servers after deleting databases?” He later asked, “How do you clear all event and application logs from Microsoft windows server 2012?”
In the space of a single hour, Muneeb deleted around 96 databases with US government information.
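The quoted timeline (96 databases dropped by one person in about an hour) is the kind of burst a defender can alert on. As an added example that is not from the article, the thread, or any agency's tooling, the detector below reads constructed audit-log lines in an invented `<ISO time> <principal> <statement>` layout and raises one alert per principal that issues DROP DATABASE three or more times within a sliding hour. The log format, principal names, window and threshold are all assumptions made for this example.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta
from typing import Deque, Dict, List, Optional, Tuple

# Constructed sample audit lines for this example. The "<ISO time> <principal> <statement>"
# layout and the principal names are invented here; they are not SQL Server's or any
# agency's real audit format.
SAMPLE_LOG = """\
2025-02-18T15:10:00 dba_oncall DROP DATABASE staging_scratch
2025-02-18T16:55:02 svc_backup BACKUP DATABASE hr_archive TO DISK = 'hr_archive.bak'
2025-02-18T16:58:00 user_a DROP DATABASE prod_db_01
2025-02-18T16:59:10 user_a SELECT name FROM sys.databases
2025-02-18T17:02:45 user_a DROP DATABASE [prod_db_02]
2025-02-18T17:15:20 user_a DROP DATABASE IF EXISTS prod_db_03
2025-02-18T17:40:00 user_a drop database prod_db_04
2025-02-18T18:30:00 dba_oncall DROP DATABASE staging_scratch2
this line is not an audit record
"""

LINE_RE = re.compile(r"^(\S+)\s+(\S+)\s+(.+)$")
# Matches DROP DATABASE in any case, with optional IF EXISTS and optional [bracketed] name.
DROP_RE = re.compile(r"^\s*DROP\s+DATABASE\s+(?:IF\s+EXISTS\s+)?\[?([\w.\-]+)\]?", re.IGNORECASE)

WINDOW = timedelta(hours=1)  # assumed detection window
THRESHOLD = 3                # assumed: three drops by one principal in the window is abnormal


def parse_line(line: str) -> Optional[Tuple[datetime, str, str]]:
    """Split one audit line into (timestamp, principal, statement); None if it is not a record."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    try:
        ts = datetime.fromisoformat(m.group(1))
    except ValueError:
        return None
    return ts, m.group(2), m.group(3)


def find_drop_bursts(log_text: str, window: timedelta = WINDOW,
                     threshold: int = THRESHOLD) -> List[Dict]:
    """Return one alert per principal whose DROP DATABASE count reaches the threshold
    inside any sliding window; later drops in the same burst extend that alert."""
    recent: Dict[str, Deque[Tuple[datetime, str]]] = defaultdict(deque)
    active: Dict[str, Dict] = {}   # principals currently over threshold
    alerts: List[Dict] = []
    for raw in log_text.splitlines():
        parsed = parse_line(raw)
        if parsed is None:
            continue
        ts, principal, stmt = parsed
        drop = DROP_RE.match(stmt)
        if not drop:
            continue
        q = recent[principal]
        q.append((ts, drop.group(1)))
        # Evict drops that fell out of the sliding window.
        while q and ts - q[0][0] > window:
            q.popleft()
        if len(q) < threshold:
            active.pop(principal, None)   # burst (if any) has ended
            continue
        if principal not in active:
            alert = {"principal": principal, "first_seen": q[0][0], "last_seen": ts,
                     "databases": [db for _, db in q]}
            active[principal] = alert
            alerts.append(alert)
        else:
            active[principal]["databases"].append(drop.group(1))
            active[principal]["last_seen"] = ts
    return alerts


if __name__ == "__main__":
    for a in find_drop_bursts(SAMPLE_LOG):
        print(f"{a['principal']}: {len(a['databases'])} databases dropped "
              f"between {a['first_seen']} and {a['last_seen']}: {a['databases']}")
```

The on-call DBA's two drops three hours apart do not trip the rule; the four prod drops by one principal inside 42 minutes do.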
They were born in Maryland, and apparently quite skilled (or at least skilled at cheating their way through their studies, if not genuinely technically skilled).
A few other circumstantial things lightly hint at the twins not being typically American:
1. Obliviousness to local laws and oversight (and the combination of severity of punishment + likelihood of getting caught); most Americans of their intelligence would be aware, and would not engage in the sort of hijinks they did.
2. Working with a sibling (anecdotal, but seems slightly more common among immigrant families than locals, which would make sense since, on average, immigrants have fewer local connections than locals, so the likelihood of working with siblings increases).
3. Loyalty to family (evidenced through the brazenness in the way they helped each other in criminal acts without a second thought). Americans, on average, are more individualist and hesitate more when asked by family to do something criminal.
4. A lot of immigrants eventually adopt anglicised names, which neither of these two did.
If a detective looked at these facts, they'd keep an open mind as there's nothing definitive above, but it would be equally ignorant to ignore the circumstantial evidence.
Having said all this, do we care where they're from? (unless it's a potential case of foreign interference or theft from an untouchable overseas company, which doesn't seem to be the case here)
I would imagine they lied about having a felony conviction on their job applications, and that for whatever banal reason any background check service they used didn't flag it, or the contractor was so grossly incompetent they didn't even check.
> At 4:58 pm, he wiped out a Department of Homeland Security database using the command “DROP DATABASE dhsproddb.”
This article is hilarious. The two bickering brothers remind me of the guys in the Oceans movies played by Casey Affleck and Scott Caan. It’s amazing they got this close to sensitive data.
> At 4:59 pm, he asked an AI tool, “How do i clear system logs from SQL servers after deleting databases?” He later asked, “How do you clear all event and application logs from Microsoft windows server 2012?”
> In the space of a single hour, Muneeb deleted around 96 databases with US government information. He downloaded 1,805 files belonging to the EEOC and stashed them on a USB drive, then grabbed federal tax information for at least 450 people.
Maybe whoever runs infosec at that place should also be fired?
I love how this leaks out the fact that the DHS is running production databases on operating systems that are months away from end of extended support.
Windows Server has 5 years of mainstream support, 5 years of extended support, and then an extra 3 years paid Extended Security Updates (ESU) support. For 2012 and 2012 R2 that ends in October 2026.
The three years of ESU exists only for organisations like government departments that would rather pay Microsoft millions of dollars for patches than pay a competitive wage and hire competent IT staff that can complete upgrade projects on time.
One of my favorite lines "Peligroso es mi nombre medio" (which of course is not grammatically correct in Spanish) and then his short inspirational speech invoking general Zapata were great.
About 25 years ago we had a layoff at a company I worked for. One of the DBAs got fired along with others. Back in the day they didn't revoke access and you had your work computer available until the end of the day. Most who were fired just packed and went on their way.
The fired DBA however, stayed behind and finished backing up the databases he was assigned to backup.
I know several stories of people who got fired (or contracts not prolonged) who finished their task at hand, did some handover to colleagues, and then left.
I don’t know where to start with this other than to point out that there is no way in hell these two clowns had the security clearance necessary to access a prod DB at DHS. I can only assume they stole creds from another employee who had that level of clearance. Also, tax records are not stored in a DHS domain.
I think this story has been sanitized to mask some details which is ok I guess but I ain’t buying the back story.
> it does follow from the simple fact that a fired employee with access to company systems is a security risk.
No, employees that can wipe 96 databases are a security risk, even when they're employed. But of course it's easier to go the inhumane route of cutting everything off at employment end rather than fix it properly
How did they get access to 5k passwords? Are they being sent/stored in cleartext? This is the most baffling part of the article for me.
The second part I'm unclear about is how you could pass SOC2 when you aren't terminating account access simultaneously with the employment termination.
From the article, it sounds like the passwords are indeed stored in cleartext:
> On Feb. 1, 2025, Muneeb Akhter asked Sohaib Akhter for the plaintext password of an individual who submitted a complaint to the Equal Employment Opportunity Commission’s Public Portal, which was maintained by the Akhters’ employer. Sohaib Akhter conducted a database query on the EEOC database and then provided the password to Muneeb Akhter. That password was subsequently used to access that individual’s email account without authorization.
The tighter your security is, the more inconvenient it is for legitimate users, and the more you have to do audits because it's easy to justify going around security in the name of efficiency.
It's not just information security, either. I've seen vault doors propped open because the people working inside didn't want to do all the sign-in/sign-out paperwork to take a leak.
First of all, it is viral, and it is almost never adopted based on its own technical merit.
Second, it has lots of levels. The first level is “we wrote down a plan explaining how we’re going to secure stuff”.
The second level is when you start implementation or maybe tracking or something.
The key thing is that first level: When your SOC2 dept says you have to do something idiotic for SOC2 compliance, it is because someone at your company invented the idiocy, and should be fired. However, you still need to follow their dumb plan because that’s the process.
In this case, the “how do we fire people” process, and “how do we prevent one llm from dropping 96 prod DBs in a single session” very well could have had answers in the plan, the plan could have been implemented, and therefore the company is still SOC2 compliant, and this is exactly what a working SOC2 process is supposed to look like.
And how exactly do you want to store passwords if not in plain text (and then encrypted of course)? 5k is a lot, the authorization process is broken, but this is not related to how the passwords are stored.
The only solution is correct access segregation and a bastion
You should never store passwords in plain-text, encrypted or not, you should always use a one-way cryptographic hash like bcrypt [0], scrypt [1], or PBKDF2 [2], combined with a single use salt [3] and optionally a pepper [4], and then store the output of the hash in the database.
To confirm a user-supplied password matches, you run the input through the same hash function again with the salt+pepper and compare it to the value in the database.
That way if the database is stolen, the attacker cannot recover the contents of the passwords without brute forcing them. Encrypting passwords is not recommended because too often attackers are able to recover the encryption keys during the same attack where the password data is extracted.
Typically you store a hash of user passwords instead, then when logging in you hash the user password client-side and compare the hashes. This acts like a one-way function that protects the password while letting the user authenticate themselves.
I have no problem with my credentials being revoked everywhere before I know about a layoff. I don't really care how I learn about it, just please don't make me come in to the office.
I've never had a job with a permanent individual desk like this. The one in-person real job I had, it was only shared working space that different people used at different times of the day or on different days, and I think you were discouraged from leaving anything. The idea of there being "your desk" with a framed photo of your kids and favorite coffee mug seems like a nearly extinct piece of nostalgia. It must have been nice in a way, far preferable to the new style of open office at least.
Meh. Don't leave anything at work. Forgo the convenience and carry your things on your commute. Use a bag. If there's "too much stuff", that's a sign to pare back what you "need" at work.
So this was why the FBI Director Kash Patel was in a panic when he couldn't log in one day. Revoking credentials before firing someone makes a lot of sense in security.
no, because the simple and pragmatic solution for ANYONE who is subject to arbitrary termination, is to litter everything they build with caltrops and dead man triggers
and then hint that they will go into "consulting" when fired.
I know of one case where this was totally unintentional, and a machinist at a local pulp and paper plant had self-delegated to write the software that controlled tension on the giant machines in the mill, but as it was his only real foray into software, nobody else could operate it, and they fired him after a management reshuffle, and then after the next scheduled shutdown, nothing worked right; a greasy dusty ancient screen with a blinking cursor was what they had, plugged into the important bits of a half square mile plant.
still funny to think about!
I wonder if their stellar academic record is due to the same shenanigans? Given that they were caught manipulating logs and deleting evidence to cover their tracks in 2025, that they did the same to their academic records is technically plausible.
In 2011, university systems like George Mason’s were significantly more vulnerable to the exact type of SQL injection and credential theft they were using in their early criminal years.
In my company there were layoffs recently. People had access to production database due to support requests, as we're a young company, so no least-privilege rules were applied yet. Nobody did anything bad. People knew what was going to happen, but no retaliation happened. First, I guess, to not have any problem with law, to pursue the next job without burdens. Things are traceable. Second, why? Why should I destroy my colleagues' work?
Most criminals probably know they will get caught for their crimes and that there may be external or indirect casualties for their crime. Yet it doesn't stop them. Even in places and for crimes with death sentence.
This is no different. If one day you can answer why and how to solve that I am pretty sure we would all be happy to know!
> Muneeb and Sohaib Akhter, now both 34, had been in trouble before. Back in 2015, the brothers pled guilty in Virginia to a scheme involving wire fraud and computers. Muneeb was sentenced to three years in prison, while Sohaib got two.
> After their stints in jail, the brothers worked their way back into the tech world. In 2023, Muneeb got a job with a Washington, DC, firm that sold software and services to 45 federal clients; Sohaib got a job at the same company a year later.
What in the actual fuck. I'm all for giving people second chances. But maybe some ringfencing?
No, this is exactly what giving people second chances looks like. It means taking a risk that they're the sort of person who is likely to commit a crime and who will commit a crime again after being given the second chance. The only way to prevent this is to have a blanket policy against giving second chances to people convicted of crimes, which harms people who genuinely intend to reform and not commit crimes again, and who you cannot systematically distinguish from chronic criminals.
There are literally thousands of occupations a former computer-based wire fraudster can be given a second chance in that aren't "here's a computer full of sensitive government files, with CRUD privileges."
Like... I think ex drug dealers deserve a chance of legitimate employment, but perhaps doling out prescription drugs is best left to someone that doesn't need a "second chance" to demonstrate they're unusually trustworthy and unlikely to be tempted by the possible side incomes.
The fraud conviction seems totally inappropriate for a government contractor and yet... somehow totally appropriate for someone appointed to work directly for the upper echelons of federal government. Hell, everyone else hacking government officials emails and tax returns and randomly deleting stuff for the lolz in February 2025 was being paid by DOGE.
Look, the US government (and I'm sure many others) is so inept at basic software construction I can only view this as a good thing. I presume thousands of previous penetrations were simply not so trivially detected.
> Muneeb Akhter asked Sohaib Akhter for the plaintext password of an individual who submitted a complaint to the Equal Employment Opportunity Commission’s Public Portal, which was maintained by the Akhters’ employer. Sohaib Akhter conducted a database query on the EEOC database and then provided the password to Muneeb Akhter.
> On Feb. 1, 2025, Muneeb Akhter asked Sohaib Akhter for the plaintext password of an individual who submitted a complaint to the Equal Employment Opportunity Commission’s Public Portal, which was maintained by the Akhters’ employer. Sohaib Akhter conducted a database query on the EEOC database and then provided the password to Muneeb Akhter. That password was subsequently used to access that individual’s email account without authorization.
It should be a federal crime with prison time to make a DB for a federal agency and not hash and salt passwords or other auth credentials.
It's probably some sort of crusty old application written before salt and hash was SOP. No agency is going to spend money on hardening something non-critical unless there's an incident or there's free money to do so. And that application was likely written by some contractor who's no longer around or has the source code available so any fixes would require an entire redo. And while you're redoing the whole thing, let's add in a bunch of features and scope creep to balloon the cost and schedule. Oops, the new contractor writing the app is overrun so let's bail and go back to the old version.
How on earth did someone previously convicted of what sounds like hacking get job access to so many prod government databases? Wild that it took them so long to get caught.
I had the same questions. Apparently discovery of the prior conviction is what led to them being fired:
> When the company discovered Sohaib Akhter’s felony conviction, it terminated both brothers’ employment during an online remote meeting on Feb. 18, 2025
The company involved here is apparently based in Washington, DC, which has a "Ban the Box" ordinance that limits employment background checks for most kinds of jobs. And apparently DC's version of the law is particularly strict.
And I recently couldn't get a job through a federal contractor for a federal position (requiring NO security clearance) because they didn't like something on my credit report.
Not many people test their backups. I've encountered some situations where the backups didn't work. And one previous employer who was so lazy that he didn't rotate the backup tapes so that the one tape cartridge was used so long that the oxide layer was rubbed off of the tape - so it was no longer brown but was transparent instead (imagine adhesive tape with no adhesive).
Reminds me of a forum a long time ago that sent me my password in the clear when I used the "forgot password" link.
When I advised them that it was a bad idea to store passwords in the clear, they answered that they keep them in the clear so that they can send them when someone forgets.
In my free time, I help maintain the web presence for a small non-profit org with memberships. The original system when I started helping was a bespoke system that was smart in many ways (essentially a static site generator with membership control years before SSGs were cool, with regular automated tests), but the guy who wrote it absolutely insisted on storing passwords in plaintext and could not be convinced otherwise. Eventually he had to drop the volunteer position due to other things in life, and the first thing we did was correct this issue.
There was a screenshot of some website floating around a few years ago, where if you entered the correct password but a wrong username, it would helpfully tell you which user the password is really for.
I've got a better one. I once had the same argument mentioned to me by my manager at the time when I pointed out that passwords were being stored in clear text. That it needs to be this way so that it is read/sent when the users forget their passwords (which happened a lot). I tried to explain that typically a "reset password" flow is used for that, but that fell on deaf ears. That system contained healthcare data.
Something bad did end up happening due to that lax security and there were oh so many meetings about it.
Circa 2012 the San Francisco water bill pay was able to send me my password in plaintext when I forgot it. I was scandalized. But the alternative was to not pay the water bill, so I just made extra sure the password was very random and wasn't one that got re-used anywhere... I think they fixed this issue in the years since.
> In the US, fired and laid-off workers often have their digital credentials deactivated before they learn about the loss of their jobs; indeed, the inability to log in to a corporate system may be the first an employee knows of the situation.
They can still install traps that detonate if they are fired. A simple cron job is enough to wreak havoc.
These are the cases why I understand HR kicks people out immediately during a layoff. But then the employee cries inhumanity and desires that they have access for weeks, when they no longer need to. It’s a risk that’s proven unwise. Blame the layoff, not the access revocation
> While this was going on, the brothers held a running conversation. (The government is not clear about whether this took place over text, instant message, or in person.)
Explain to me how we can have a transcript of a conversation without knowing whether it was in person or not. I'm baffled by this sentence.
Deleting data like that is a crime investigated by the FBI. In a very sad story, a brilliant former coworker made a mistake of deleting data after leaving employment and ended up in prison. Brilliant guy, momentary mistake. Overzealous employer.
This makes sense but also an employee who is dishonest is also a security risk; fired or not.
It's ridiculous that companies don't seem to care about ethics. They never seem to select candidates based on proven ethics. They don't even ask any such questions.
For example, I've been in at least 2 situations where I had the ability to inflict major damage to companies which had treated me very poorly and I could have legally gotten away completely whilst doing variants of 'the wrong thing' and profiting but I didn't do it because I have principles. Unfortunately it seems that few people do nowadays. Leaders are fooling themselves if they think they can completely factor out ethics and make it all about aligning incentives. Incentive alignment creates its own problems as this alignment requires constant maintenance and it's both expensive and detrimental in the long run. These people will tend to sabotage every aspect of their responsibilities which isn't directly measured... In order to gain leverage. It's not clever. It's crooked. Should not be rewarded.
My experience as a software developer is that managers always have lots of blind spots and the wrong people will take advantage of all of them, even when it negatively impacts the company.
"Legal Eagle" has a new video about this. The administration's viewpoint is that the Presidential Records Act is unconstitutional, plus the President owns every document, so he can't be forced to return anything because it belongs to him.
My first thought. I was browsing comments to see if everyone from the US did their mandatory bootlicking and yes, they did. Of course they did.
People are weird. Their government is strongarming half the world at the moment and they do not pause and go "wait, does this mean that if we unionize we can threaten to wipe all the databases unless?"
There's the classic article by Matt Ringel and Tom Limoncelli back from 1999:
https://www.usenix.org/legacy/event/lisa99/full_papers/ringe...
I've turned off my own access at least three times when being let go from different jobs
When you are talking about access like they had "make firings as abrupt as possible including terminating all access immediately" not doing this is incompetence. This is absolutely a standard and has to be for these kinds of positions. I've never worked anywhere where it wasn't for the majority of IT staff. You meet with HR, someone clears your desk, and security walks you out.
There is a middleground, but it requires conscious effort to prop-up, support, and maintain over the long haul: off-boarding centers.
I worked for a Big Tech company that actually did this, and it made the transition a lot easier. You could still access corporate resources necessary for the transition (HR, benefits, internal job postings, training offerings, expense reporting, etc), check in with colleagues 1:1 (who would be warned this person was no longer part of the org, attachments could be blocked to prevent exfil, etc), and still send/receive email internally (though external was blocked by default and required justification).
You can safeguard your corporate infrastructure without actually cutting everything off entirely and sending someone home to stew angrily about it. In fact, there might be (as yet undocumented) advantages to letting folks exist in that transition period on that segmented infrastructure, so as to identify potentially bad actors before they can do harm and see about mending bridges.
Of course all of that requires conscious investment in projects with no clear quarterly/yearly KPIs to measure cost or success against, so most employers will never remotely consider it.
> When you are talking about access like they had "make firings as abrupt as possible including terminating all access immediately" not doing this is incompetence.
You're proving my point—employers take the most extreme lesson and it's considered expected practice. They absolutely should have immediately terminated the credentials that granted unilateral access to sensitive databases. (Ideally those would never exist in the first place—there are two-person schemes. A pair of bad actors...well apparently happens according to this article...but is far more unusual.) But employers regularly (but shouldn't) terminate all access including credentials that allow last email to colleagues exchanging personal contact info or something.
If you don't trust your people so much, why hire them in the first place?
Looking at it from Europe - it is such a weird inhumane practice.
Someone decided your position is redundant. Okay, shit happens, economic downturn, etc. Then you have an extra 3-6 months of work to pass on your knowledge, train a replacement and document everything.
Yeah but if your defense against somebody erasing a database is "we remove their access when they're fired" then your defense is garbage.
Like there are so many other attack vectors besides an upset ex-employee. Like all those articles about NK employees who presumably are trying very hard not to be fired. Or employees using company-provided insecure email software leaving them vulnerable to ransomware et al.
I suppose that's a very powerful way of preventing "accidents" on termination. But isn't that just theatre? I mean - as though termination is the one and only case where an employee with the power to destroy the company gets angry and might do something really stupid?!
Having people with that level of access without some form of two-person-control is already a sign of incompetence.
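To make the "two-person control" point concrete, here is an added example (my own code, not anything from the thread or from the company in the article) of a break-glass gate for destructive privileged actions: a request must collect approvals from two distinct people other than the requester, approvals expire after a window (ten minutes is an assumed value), and every execution attempt is written to an audit log whether or not it was allowed.

```python
from dataclasses import dataclass, field

# Added example: two-person control for break-glass privileged actions.
# The class/field names and the 10-minute approval window are assumptions.


@dataclass
class Approval:
    approver: str
    granted_at: float  # Unix time


@dataclass
class BreakGlassRequest:
    requester: str
    action: str  # e.g. "DROP DATABASE"
    target: str  # e.g. "example-db"
    approvals: list = field(default_factory=list)


class TwoPersonGate:
    """Requires `required` distinct, non-requester approvals no older than
    `approval_ttl` seconds before a privileged action may run."""

    def __init__(self, required: int = 2, approval_ttl: float = 600.0):
        self.required = required
        self.approval_ttl = approval_ttl
        self.audit_log: list[dict] = []

    def approve(self, req: BreakGlassRequest, approver: str, now: float) -> None:
        # The requester can never count as one of the two persons.
        if approver == req.requester:
            raise PermissionError("requester cannot approve their own request")
        # One person approving twice must not count as two approvals.
        if any(a.approver == approver for a in req.approvals):
            raise PermissionError(f"{approver} already approved this request")
        req.approvals.append(Approval(approver, now))

    def fresh_approvers(self, req: BreakGlassRequest, now: float) -> set[str]:
        # Only approvals inside the TTL window are valid; stale ones are ignored.
        return {a.approver for a in req.approvals
                if 0 <= now - a.granted_at <= self.approval_ttl}

    def authorized(self, req: BreakGlassRequest, now: float) -> bool:
        return len(self.fresh_approvers(req, now)) >= self.required

    def execute(self, req: BreakGlassRequest, now: float, run) -> bool:
        """Run `run()` only if authorized; log every attempt either way."""
        ok = self.authorized(req, now)
        self.audit_log.append({
            "requester": req.requester, "action": req.action, "target": req.target,
            "approvers": sorted(self.fresh_approvers(req, now)), "allowed": ok, "at": now,
        })
        if ok:
            run()
        return ok


if __name__ == "__main__":
    gate = TwoPersonGate()
    req = BreakGlassRequest("ops1", "DROP DATABASE", "example-db")
    print("before approvals:", gate.execute(req, 0.0, lambda: print("ran")))
    gate.approve(req, "ops2", 1.0)
    gate.approve(req, "ops3", 2.0)
    print("after two approvals:", gate.execute(req, 3.0, lambda: print("ran")))
```

The gate itself is trivial to write; the hard part in practice is making the only path to the destructive operation go through it (a service account that runs the action, with no human holding its credentials directly), which is what the thread means by removing unilateral access rather than revoking it faster.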
There is another thread elsewhere on the first page about low-trust USA.
Sadly, behaviors and expectations converge toward one another.
Last time I was laid off they let me keep my laptop for the rest of the day. I gave it to them immediately to avoid any accusations of sabotage.
Eventually I tried to log into one of my old cloud accounts, to find it was only disabled since 9 days after my layoff. Pretty sloppy.
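The "only disabled nine days after my layoff" case above is exactly what an offboarding audit should catch. As an added example (my own code, not from the thread), here is a small check that joins HR termination times against IAM audit events and flags accounts that were disabled later than an allowed lag, never disabled at all, or used after the termination time. The sample events and user names are constructed for the example.

```python
from datetime import datetime, timezone

# Added example, not code from the thread. The data below is constructed:
# HR termination times and IAM audit events, both as UTC ISO-8601 strings.
TERMINATIONS = {
    "alice": "2025-02-18T16:05:00Z",  # disabled promptly
    "bob":   "2025-02-18T16:05:00Z",  # disabled ~9 days late, active in between
    "carol": "2025-02-18T16:05:00Z",  # never disabled at all
}

IAM_EVENTS = [
    # (timestamp, user, event)
    ("2025-02-18T16:10:00Z", "alice", "account_disabled"),
    ("2025-02-18T17:30:00Z", "bob",   "login_success"),
    ("2025-02-19T09:00:00Z", "bob",   "db_query"),
    ("2025-02-19T09:30:00Z", "dave",  "login_success"),  # dave is still employed
    ("2025-02-20T10:00:00Z", "carol", "login_success"),
    ("2025-02-27T08:00:00Z", "bob",   "account_disabled"),
]


def parse_ts(s: str) -> datetime:
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def audit_offboarding(terminations, events, max_lag_hours: float = 1.0):
    """Return (user, issue, detail) findings for every terminated user:
    - disable_lag_exceeded: account disabled more than max_lag_hours after termination
    - never_disabled:       no account_disabled event at all
    - activity_after_termination: count of non-disable events after the termination time
    """
    findings = []
    for user, term_s in terminations.items():
        term = parse_ts(term_s)
        user_events = sorted((parse_ts(t), e) for t, u, e in events if u == user)
        disabled_at = next((t for t, e in user_events if e == "account_disabled"), None)
        if disabled_at is None:
            findings.append((user, "never_disabled", None))
        else:
            lag_hours = round((disabled_at - term).total_seconds() / 3600, 2)
            if lag_hours > max_lag_hours:
                findings.append((user, "disable_lag_exceeded", lag_hours))
        # Any successful use of the account after termination is worth a look,
        # regardless of whether it was eventually disabled.
        activity = [e for t, e in user_events if t > term and e != "account_disabled"]
        if activity:
            findings.append((user, "activity_after_termination", len(activity)))
    return findings


if __name__ == "__main__":
    for finding in audit_offboarding(TERMINATIONS, IAM_EVENTS):
        print(finding)
```

Run daily against the real HR feed and IAM logs, the "never_disabled" and "activity_after_termination" rows are the ones that turn an offboarding checklist into something that is actually verified rather than assumed, which is also the kind of evidence an auditor asks for.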
I work in government. If you think that is incompetence, then I have stories that could make your skin crawl.
The problem is that it's so challenging to figure out what the person actually has access to. Have they ever done an export with sensitive information that is now sitting on their local machine? Any important clients they are still in contact with over email that they may try to sabotage? Any other creative endeavors you haven't thought through?
The most foolproof way is just to nuke the computer in its entirety.
Privileged access should only be temporary in context of break glass with approval. People can go ballistic with core systems for reasons other than firing.
They do all of that now though...
In the US, they'll terminate your access while you're on the Teams Meeting behind the scenes and if you have any gaps, issues, blips, or smudges in your resume it gets thrown into the recycle bin by some AI agent.
In an age of malicious agentic AI, this level of access is negligent. A lack of engineering controls preventing this from happening at all means that a simple phishing or supply chain attack could easily have resulted in the same outcome or worse.
Jokes aside, stuff like this sucks because I suspect many employers will take from it the most extreme, dehumanizing lessons, e.g.: (a) make firings [edit: including lay-offs] as abrupt as possible including terminating all access immediately
The employee is always the last to know. This is standard fare.
> a more balanced version: <bunch of weedy ACLs, judgement calls, liability/>
Too complicated and subjective, stinks of more risk.
Also, I don't think it's dehumanizing at all (having been on the receiving end of it way back when during a layoff, and involved in the process more times than I care to count). It's standard practice for involuntary terms at all companies we work with, whether the employee is IT or not. If a company is not doing this already, I'd encourage them to.
> Too complicated and subjective, stinks of more risk.
I actually think there's less risk, because it's not as narrowly focused on what a just-fired employee can do. That's not the only scenario of concern.
> Also, I don't think it's dehumanizing it all (having been on the receiving end of it way back when during a layoff, and involved in the process more times than I care to count).
Interesting. Thanks for the perspective. I've been fortunate enough to not be on the receiving end of a lay-off, knock on wood. It's happened to my teammates/reports though. Wasn't my decision. :-(
Then Opexus fired the one who said it.
Leaving no one to say anything anymore on their behalf.
> On March 12, 2025, a search warrant was executed at Sohaib’s home in Alexandria. Agents grabbed plenty of tech gear but also turned up seven firearms and 370 rounds of .30 caliber ammunition. Given his former crimes, Sohaib should have had none of this.
For god's sake, don't commit crimes while you're committing crimes.
I was kind of hoping he sprinted out his back door which happened to be on a state line and then mailed his guns back to his house, just to try to cover everything.
It's funny how it's never just one thing.
In my region of the world a crackdown on street racing started a few years ago. It continued because each night the police stopped someone, there was at least one DUI and suspended license.
Unsurprisingly those who disregard traffic rules tend to equally disregard other rules.
I'm not a big "lock them up" guy but seriously people don't seem to understand how hard it is to actually get the state to put and keep you in jail. You have to do really really bad things multiple times. The US prison population has been falling for over a decade now and part of that is everybody now faces pressure to not use incarceration as a first (or second or fifth) option.
> Given his former crimes, Sohaib should have had none of this.
Nobody should have a personal armory.
Fortunately enough Americans have enough guns that no matter how much people like you whine about it you'll never be able to take them away.
There is a strong bias towards stupid criminals getting caught.
Only commit one crime at a time
Serially.
I'm just amused how these people were even hired to begin with? They don't seem to be Americans? How were they even allowed to work on sensitive systems? Why was this even allowed? So many questions.
They were born in Maryland, and apparently quite skilled (or at least skilled at cheating their way through their studies, if not genuinely technically skilled).
https://www.somdnews.com/archive/news/19-year-old-twins-high...
I mean it's the DHS. Let's not pretend they're known for competence or hiring the best and brightest. Glorified chimps with ties and guns.
> They don't seem to be Americans?
How did you conclude that? Just their names?
[flagged]
A few other circumstantial things lightly hint at the twins not being typically American:
1. Obliviousness to local laws and oversight (and the combination of severity of punishment + likelihood of getting caught); most Americans of their intelligence would be aware, and would not engage in the sort of hijinks they did.
2. Working with a sibling (anecdotal, but seems slightly more common among immigrant families than locals, which would make sense since, on average, immigrants have fewer local connections than locals so the likelihood of working with siblings increases)
3. Loyalty to family (evidenced through the brazenness in the way they helped each other in criminal acts without a second thought). Americans, on average, are more individualist and hesitate more when asked by family to do something criminal
4. A lot of immigrants eventually adopt anglicised names, which neither of these two did
If a detective looked at these facts, they'd keep an open mind as there's nothing definitive above, but it would be equally ignorant to ignore the circumstantial evidence.
Having said all this, do we care where they're from? (unless it's a potential case of foreign interference or theft from an untouchable overseas company, which doesn't seem to be the case here)
I would imagine they lied about having a felony conviction on their job applications, and that for whatever banal reason any background check service they used didn't flag it, or the contractor was so grossly incompetent they didn't even check.
[flagged]
That was not AT ALL what was implied and you know it.
I too am shocked at the level of federal access that was afforded to these non-Americans that clearly also hold a disdain for the country.
> At 4:58 pm, he wiped out a Department of Homeland Security database using the command “DROP DATABASE dhsproddb.”
This article is hilarious. The two bickering brothers remind me of the guys in the Oceans movies played by Casey Affleck and Scott Caan. It’s amazing they got this close to sensitive data.
> At 4:59 pm, he asked an AI tool, “How do i clear system logs from SQL servers after deleting databases?” He later asked, “How do you clear all event and application logs from Microsoft windows server 2012?”
So many red flags, I can't even.
> In the space of a single hour, Muneeb deleted around 96 databases with US government information. He downloaded 1,805 files belonging to the EEOC and stashed them on a USB drive, then grabbed federal tax information for at least 450 people.
Maybe whoever runs infosec at that place should also be fired?
Yep, Windows Server 2012 being a big one :o
They forgot a
> "How do I clear chat logs from LLM?"
I guess?
I love how this leaks out the fact that the DHS is running production databases on operating systems that are months away from end of extended support.
Windows Server has 5 years of mainstream support, 5 years of extended support, and then an extra 3 years paid Extended Security Updates (ESU) support. For 2012 and 2012 R2 that ends in October 2026.
The three years of ESU exists only for organisations like government departments that would rather pay Microsoft millions of dollars for patches than pay a competitive wage and hire competent IT staff that can complete upgrade projects on time.
Ready access to AI tools sure makes vandalism easy.
> So many red flags
starting with Windows Server _2012_ :O
As somebody who's spent most of my career in Fairfax County I find nothing about this story even remotely surprising.
Those two in the movies were always a highlight for me, especially when the one joins the other in the Mexican factory riot.
One of my favorite lines "Peligroso es mi nombre medio" (which of course is not grammatically correct in Spanish) and then his short inspirational speech invoking general Zapata were great.
Are you a man?
Yes, 19.
Are you alive?
Yes, 18!
Evel Knievel.
—
They also come off as a little bit Rosencrantz and Guildenstern imo
I think it's them on video: https://youtu.be/Rx19zOzQeis
About 25 years ago we had a layoff at a company I worked for. One of the DBAs got fired along with others. Back in the day they didn't revoke access and you had your work computer available until the end of the day. Most, who were fired, just packed and went on their way.
The fired DBA however, stayed behind and finished backing up the databases he was assigned to backup.
Once the job was done, he packed and left.
True story!
That seems… normal?
I know several stories of people who got fired (or contracts not prolonged) who finished their task at hand, did some handover to colleagues, and then left.
I don’t know where to start with this other than to point out that there is no way in hell these two clowns had the security clearance necessary to access a prod DB at DHS. I can only assume they stole creds from another employee who had that level of clearance. Also, tax records are not stored in a DHS domain.
I think this story has been sanitized to mask some details which is ok I guess but I ain’t buying the back story.
> it does follow from the simple fact that a fired employee with access to company systems is a security risk.
No, employees that can wipe 96 databases are a security risk, even when they're employed. But of course it's easier to go the inhumane route of cutting everything off at employment end rather than fix it properly
How did they get access to 5k passwords? Are they being sent/stored in cleartext? This is the most baffling part of the article for me.
The second part I'm unclear about is how you could pass SOC2 when you aren't terminating account access simultaneously with the employment termination.
From the article, it sounds like the passwords are indeed stored in cleartext:
> On Feb. 1, 2025, Muneeb Akhter asked Sohaib Akhter for the plaintext password of an individual who submitted a complaint to the Equal Employment Opportunity Commission’s Public Portal, which was maintained by the Akhters’ employer. Sohaib Akhter conducted a database query on the EEOC database and then provided the password to Muneeb Akhter. That password was subsequently used to access that individual’s email account without authorization.
It still blows my mind. Shouldn't the government audit their contracting companies for egregious issues like this? Seems extremely reckless not to.
Policy and practice might not be the same thing. The company and the entire management staff should be on somebody’s blacklist for future procurement.
The tighter your security is, the more inconvenient it is for legitimate users, and the more you have to do audits because it's easy to justify going around security in the name of efficiency.
It's not just information security, either. I've seen vault doors propped open because the people working inside didn't want to do all the sign-in/sign-out paperwork to take a leak.
The whole point of stuff like SOC2 and audits is to verify that policy is actually implemented. Seems like nobody actually checked.
I don’t think you understand what SOC2 is.
First of all, it is viral, and it is almost never adopted based on its own technical merit.
Second, it has lots of levels. The first level is “we wrote down a plan explaining how we’re going to secure stuff”.
The second level is when you start implementation or maybe tracking or something.
The key thing is that first level: When your SOC2 dept says you have to do something idiotic for SOC2 compliance, it is because someone at your company invented the idiocy, and should be fired. However, you still need to follow their dumb plan because that’s the process.
In this case, the “how do we fire people” process, and “how do we prevent one llm from dropping 96 prod DBs in a single session” very well could have had answers in the plan, the plan could have been implemented, and therefore the company is still soc2 compliant, and this is exactly what a working soc2 process is supposed to look like.
Depends on what their offboarding policy is. If it's 72 hours or something they would not breach policy.
And how exactly do you want to store passwords if not in plain text (and then encrypted of course)? 5k is a lot, the authorization process is broken, but this is not related to how the passwords are stored.
The only solution is correct access segregation and a bastion
You should never store passwords in plain-text, encrypted or not; you should always use a one-way cryptographic hash like bcrypt [0], scrypt [1], or PBKDF2 [2], combined with a single use salt [3] and optionally a pepper [4], and then store the output of the hash in the database.
To confirm a user supplied password matches you run input into the same hash function again with the salt+pepper and compare it to the value in the database.
That way if the database is stolen, the attacker cannot recover the contents of the passwords without brute forcing them. Encrypting passwords is not recommended because too often attackers are able to recover the encryption keys during the same attack where the password data is extracted.
[0] https://en.wikipedia.org/wiki/Bcrypt
[1] https://en.wikipedia.org/wiki/Scrypt
[2] https://en.wikipedia.org/wiki/PBKDF2
[3] https://en.wikipedia.org/wiki/Salt_(cryptography)
[4] https://en.wikipedia.org/wiki/Pepper_(cryptography)
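The scheme the comment above describes, written out as an added example (my own code, not from the thread or from any of the linked articles): PBKDF2-HMAC-SHA256 from the standard library, a fresh random salt per password stored next to the hash, a pepper mixed in via HMAC that lives outside the database, and verification that recomputes the hash and compares in constant time. The pepper value, the iteration count and the `$pbkdf2-sha256$...` record format are assumptions for the example; the work factor should be tuned to your hardware.

```python
import base64
import hashlib
import hmac
import os

# Added example, not code from the thread. In production the pepper is loaded
# from an environment variable or secret store, never from the same database
# that holds the hashes; this constructed value is only for the example.
PEPPER = b"example-pepper-kept-out-of-the-db"
ITERATIONS = 600_000  # PBKDF2-HMAC-SHA256 work factor (assumed default)
SALT_BYTES = 16


def _b64(b: bytes) -> str:
    return base64.b64encode(b).decode("ascii")


def _unb64(s: str) -> bytes:
    return base64.b64decode(s.encode("ascii"))


def _prehash(password: str, pepper: bytes) -> bytes:
    # Mix the pepper in with HMAC, so a stolen table of salts + hashes cannot
    # even be brute-forced without the separately stored pepper.
    return hmac.new(pepper, password.encode("utf-8"), hashlib.sha256).digest()


def hash_password(password: str, pepper: bytes = PEPPER, iterations: int = ITERATIONS) -> str:
    """Return a self-describing record: $pbkdf2-sha256$<iterations>$<salt>$<hash>."""
    salt = os.urandom(SALT_BYTES)  # unique per password, stored alongside the hash
    dk = hashlib.pbkdf2_hmac("sha256", _prehash(password, pepper), salt, iterations)
    return f"$pbkdf2-sha256${iterations}${_b64(salt)}${_b64(dk)}"


def _parse(stored: str):
    _, algo, iters, salt_b64, dk_b64 = stored.split("$")
    if algo != "pbkdf2-sha256":
        raise ValueError("unsupported algorithm")
    return int(iters), _unb64(salt_b64), _unb64(dk_b64)


def verify_password(password: str, stored: str, pepper: bytes = PEPPER) -> bool:
    """Recompute the hash with the stored salt and iteration count and compare
    in constant time; malformed records are treated as a failed login."""
    try:
        iterations, salt, expected = _parse(stored)
    except (ValueError, TypeError):
        return False
    candidate = hashlib.pbkdf2_hmac("sha256", _prehash(password, pepper), salt, iterations)
    return hmac.compare_digest(candidate, expected)


def needs_rehash(stored: str, iterations: int = ITERATIONS) -> bool:
    """True if the record was made with a weaker work factor than current policy,
    so it should be re-hashed on the next successful login."""
    try:
        return _parse(stored)[0] < iterations
    except (ValueError, TypeError):
        return True


if __name__ == "__main__":
    record = hash_password("correct horse battery staple")
    print(record)
    print(verify_password("correct horse battery staple", record))  # True
    print(verify_password("wrong password", record))                # False
```

Two points the thread's shorter replies gloss over: the salt is not secret and is stored in the record (its job is to stop one precomputation from cracking every user), while the pepper is secret and stored elsewhere; and the iteration count is part of the record so it can be raised later without invalidating existing logins, which is what `needs_rehash` is for.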
Hashed, you store them hashed (and salted). A breach should never reveal passwords.
You speak very authoritatively on something you don’t know.
Hashing passwords has been a thing for at least 50 years now. V3 unix had /etc/passwd which hashed all user passwords. Notably, these hashed passwords in early unix have been cracked: https://arstechnica.com/information-technology/2019/10/forum...
I guess you got your answer.
I hope you're joking
Typically you store a hash of user passwords instead, then when logging in you hash the user password client-side and compare the hashes. This acts like a one-way function that protects the password while letting the user authenticate themselves.
You don't store passwords.
You store safely crafted hashes.
I don't think those words mean what you think they mean.
Assuming you're serious? Store passwords with salted one-way hashes.
I can only think of a scenario where this is still valid: spying.
The minimum one can do is have a different randomized password for every service on a possibly completely offline password manager.
Yes, you will depend on a password manager at all times, but at least the blast radius is minimized to the affected service.
I have no problem with my credentials being revoked everywhere before I know about a layoff. I don't really care how I learn about it, just please don't make me come in to the office.
> just please don't make me come in to the office.
But how do you pick up the stuff from your desk? I once lost a nice pair of headphones this way.
I've never had a job with a permanent individual desk like this. The one in-person real job I had, it was only shared working space that different people used at different times of the day or on different days, and I think you were discouraged from leaving anything. The idea of there being "your desk" with a framed photo of your kids and favorite coffee mug seems like a nearly extinct piece of nostalgia. It must have been nice in a way, far preferable to the new style of open office at least.
ship it?
Meh. Don't leave anything at work. Forgo the convenience and carry your things on your commute. Use a bag. If there's "too much stuff", that's a sign to pare back what you "need" at work.
So this was why the FBI Director Kash Patel was in a panic when he couldn't log in one day. Revoking credentials before firing someone makes a lot of sense in security.
> So this was why the FBI Director Kash Patel was in a panic when he couldn't log in one day
Ever tried to log in with two factor and justify a maxed out company card while high as a kite and drunk?
It’s stressful.
Professionally, he spells his name thusly: FBI Director Ka$h Patel, so you know he’s serious.
No, because the simple and pragmatic solution for ANYONE who is subject to arbitrary termination is to litter everything they build with caltrops and dead man triggers and then hint that they will go into "consulting" when fired.
I know of one case where this was totally unintentional: a machinist at a local pulp and paper plant had self-delegated to write the software that controlled tension on the giant machines in the mill, but as it was his only real foray into software, nobody else could operate it, and they fired him after a management reshuffle, and then after the next scheduled shutdown nothing worked right; a greasy dusty ancient screen with a blinking cursor was what they had, plugged into the important bits of a half square mile plant. Still funny to think about!
[flagged]
He may be a bad person but he has very pretty handwriting.
Your comment made me go read TFA, and yes, that is rather pretty handwriting.
I wonder if their stellar academic record is due to the same shenanigans? Given that they were caught manipulating logs and deleting evidence to cover their tracks in 2025, that they did the same to their academic records is technically plausible.
In 2011, university systems like George Mason’s were significantly more vulnerable to the exact type of SQL injection and credential theft they were using in their early criminal years.
In my company there were layoffs recently. People had access to production database due to support requests, as we're a young company, so no least-privilege rules were applied yet. Nobody did anything bad. People knew what was going to happen, but no retaliation happened. First, I guess, to not have any problem with law, to pursue the next job without burdens. Things are traceable. Second, why? Why should I destroy my colleagues' work?
Most criminals probably know they will get caught for their crimes and that there may be external or indirect casualties from their crime. Yet it doesn't stop them. Even in places and for crimes with the death sentence.
This is no different. If one day you can answer why and how to solve that I am pretty sure we would all be happy to know!
> Muneeb and Sohaib Akhter, now both 34, had been in trouble before. Back in 2015, the brothers pled guilty in Virginia to a scheme involving wire fraud and computers. Muneeb was sentenced to three years in prison, while Sohaib got two.
> After their stints in jail, the brothers worked their way back into the tech world. In 2023, Muneeb got a job with a Washington, DC, firm that sold software and services to 45 federal clients; Sohaib got a job at the same company a year later.
What in the actual fuck. I'm all for giving people second chances. But maybe some ringfencing?
No, this is exactly what giving people second chances looks like. It means taking a risk that they're the sort of person who is likely to commit a crime and who will commit a crime again after being given the second chance. The only way to prevent this is to have a blanket policy against giving second chances to people convicted of crimes, which harms people who genuinely intend to reform and not commit crimes again, and who you cannot systematically distinguish from chronic criminals.
There are literally thousands of occupations a former computer based wire fraudster can be given a second chance in that aren't here's a computer full of sensitive government files, with CRUD privileges.
Like... I think ex-drug dealers deserve a chance of legitimate employment, but perhaps doling out prescription drugs is best left to someone that doesn't need a "second chance" to demonstrate they're unusually trustworthy and unlikely to be tempted by the possible side incomes.
The fraud conviction seems totally inappropriate for a government contractor and yet... somehow totally appropriate for someone appointed to work directly for the upper echelons of federal government. Hell, everyone else hacking government officials emails and tax returns and randomly deleting stuff for the lolz in February 2025 was being paid by DOGE.
The article isn't particularly clearly written, but it seems like their background checks were bad and they were fired once management figured it out.
Nice handwriting, though.
Look, the US government (and I'm sure many others) is so inept at basic software construction I can only view this as a good thing. I presume thousands of previous penetrations were simply not so trivially detected.
Prosecute the company too.
Storing passwords in plaintext should be prosecuted, & having unlimited access to customer databases.
A true professional always makes sure to leave their workspace completely spotless before going home
So no guns and ammo?
> Muneeb Akhter asked Sohaib Akhter for the plaintext password of an individual who submitted a complaint to the Equal Employment Opportunity Commission’s Public Portal, which was maintained by the Akhters’ employer. Sohaib Akhter conducted a database query on the EEOC database and then provided the password to Muneeb Akhter.
WTF?
Sidenote I love that the DHS prod DB is called “dhsproddb”.
> “Delete their filesystem as well?” he said.
> “Smart idea,” said Muneeb.
Seems obvious they weren't destroying databases just out of malice (i.e. retribution for being fired), but in order to cover up something/s..
This whole story is just line after line of utter incompetence.
The "after they were fired" sounds catchy, but isn't even the biggest failure.
This organization shouldn't be permitted anywhere near government, or any non-public, data/information.
Dumb and dumber. Criminals just can't stop doing crimes (the password stuff, the gun stuff, etc, etc).
It’s crazy that people are desperate for jobs and these clowns get hired.
Well, who else would you hire for the circus?
Perhaps don't hire people who act as foreign adversaries for government work? Is that really such an absurd proposition?
Maybe they're really, really good at leetcode. You can't pass up talent like that. </sarcasm>
> On Feb. 1, 2025, Muneeb Akhter asked Sohaib Akhter for the plaintext password of an individual who submitted a complaint to the Equal Employment Opportunity Commission’s Public Portal, which was maintained by the Akhters’ employer. Sohaib Akhter conducted a database query on the EEOC database and then provided the password to Muneeb Akhter. That password was subsequently used to access that individual’s email account without authorization.
It should be a federal crime with prison time to make a DB for a federal agency and not hash and salt passwords or other auth credentials.
It's probably some sort of crusty old application written before salt and hash was SOP. No agency is going to spend money on hardening something non-critical unless there's an incident or there's free money to do so. And that application was likely written by some contractor who's no longer around or has the source code available so any fixes would require an entire redo. And while you're redoing the whole thing, let's add in a bunch of features and scope creep to balloon the cost and schedule. Oops, the new contractor writing the app is overrun so let's bail and go back to the old version.
This is what I want to know. Are there any consequences for this contractor? At least fraud or negligence or something?
How on earth did someone previously convicted of what sounds like hacking get job access to so many prod government databases? Wild that it took them so long to get caught.
I had the same questions. Apparently discovery of the prior conviction is what led to them being fired:
> When the company discovered Sohaib Akhter’s felony conviction, it terminated both brothers’ employment during an online remote meeting on Feb. 18, 2025
from https://www.justice.gov/opa/pr/federal-jury-convicts-virgina... which is a better source on this.
That prompts the question of why background checks are so lax that they were hired before this was discovered.
The company involved here is apparently based in Washington, DC, which has a "Ban the Box" ordinance that limits employment background checks for most kinds of jobs. And apparently DC's version of the law is particularly strict.
And I recently couldn't get a job through a federal contractor for a federal position (requiring NO security clearance) because they didn't like something on my credit report.
[dead]
The handwriting was very solid.
Claude: drops production zone with the database and backups
Meatbags: hold my beer...
No back ups? Skill issue.
Not many people test their backups. I've encountered some situations where the backups didn't work. And one previous employer who was so lazy that he didn't rotate the backup tapes so that the one tape cartridge was used so long that the oxide layer was rubbed off of the tape - so it was no longer brown but was transparent instead (imagine adhesive tape with no adhesive).
The article says that they did have backups
Some good handwriting
So, apparently, the passwords were stored in cleartext.
Reminds me of a forum a long time ago that sent me my password in the clear when I used the "forgot password" link.
When I advised them that it was a bad idea to store passwords in the clear, they answered that they keep them in the clear so that they can send them when someone forgets.
Defeated by such an argument, I deleted my account.
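The "we need the plaintext so we can send it back" argument above (and the same one a few replies down) falls apart once you see what a reset flow actually needs. As an added example (my own code, not from the thread or any of the sites mentioned), here is the server side of a password-reset token store: it issues a random token that goes to the user's email, persists only the SHA-256 of that token with an expiry and a used flag, and on redemption hands back the user id so the caller can store a new password hash. The plaintext password never enters the picture. Names, the 15-minute lifetime and the in-memory store are assumptions for the example.

```python
import hashlib
import secrets

# Added example, not code from the thread. The 15-minute lifetime and the
# in-memory dict standing in for a database table are assumptions.
TOKEN_TTL_SECONDS = 15 * 60


class ResetTokenStore:
    """Server-side store for password-reset tokens.

    Only sha256(token) is persisted, so someone who reads the table (a breach,
    a stray backup, a curious DBA) still cannot redeem anyone's reset link."""

    def __init__(self) -> None:
        # sha256(token) -> {"user": ..., "expires": unix_time, "used": bool}
        self.records: dict[str, dict] = {}

    @staticmethod
    def _digest(token: str) -> str:
        return hashlib.sha256(token.encode("utf-8")).hexdigest()

    def issue(self, user_id: str, now: float) -> str:
        """Create a single-use token for user_id and return it for delivery
        (e.g. in a reset email); the raw token is never written to the store."""
        token = secrets.token_urlsafe(32)  # 256 bits of CSPRNG output
        self.records[self._digest(token)] = {
            "user": user_id,
            "expires": now + TOKEN_TTL_SECONDS,
            "used": False,
        }
        return token

    def redeem(self, token: str, now: float):
        """Return the user id if the token is known, unexpired and unused, else None.
        The caller then sets a new password hash for that user."""
        # A lookup keyed on the digest is fine here: the token has 256 bits of
        # entropy, so there is nothing an attacker could usefully learn from
        # timing differences between hits and misses.
        rec = self.records.get(self._digest(token))
        if rec is None or rec["used"] or now > rec["expires"]:
            return None
        rec["used"] = True  # single use: a leaked link cannot be replayed
        return rec["user"]

    def contains_raw_token(self, token: str) -> bool:
        """Helper for demonstrating that the raw token is never persisted."""
        return any(token in key or token in str(rec) for key, rec in self.records.items())


if __name__ == "__main__":
    store = ResetTokenStore()
    tok = store.issue("user42", now=1_000.0)
    print("email this to the user:", tok)
    print("redeem once:", store.redeem(tok, now=1_001.0))   # user42
    print("redeem again:", store.redeem(tok, now=1_002.0))  # None
```

The same structure applies to any "send the user something secret" flow (magic links, one-time codes): generate it from a CSPRNG, store only a hash, bound its lifetime, and burn it on first use. Nothing in it requires the user's password to be recoverable, which is the whole point.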
In my free time, I help maintain the web presence for a small non-profit org with memberships. The original system when I started helping was a bespoke system that was smart in many ways (essentially a static site generator with membership control years before SSGs were cool, with regular automated tests), but the guy who wrote it absolutely insisted on storing passwords in plaintext and could not be convinced otherwise. Eventually he had to drop the volunteer position due to other things in life, and the first thing we did was correct this issue.
There was a screenshot of some website floating around a few years ago, where if you entered the correct password but a wrong username, it would helpfully tell you which user the password is really for.
I've got a better one. I once had the same argument mentioned to me by my manager at the time when I pointed out that passwords were being stored in clear text. That it needs to be this way so that it is read/sent when the users forget their passwords(which happened a lot). I tried to explain that typically a "reset password" flow is used for that but that fell on deaf ears. That system contained healthcare data.
Something bad did end up happening due to that lax security and there were oh so many meetings about it.
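The "reset password" flow mentioned in the comment above, as an added example that is not code from any commenter or from the systems discussed in the article. It stores only a per-user salted scrypt hash (nothing recoverable to e-mail back), issues a short-lived single-use reset token instead, keeps only a digest of that token so a leaked table contains no live reset links, and looks accounts up by username only, which is also what prevents the "right password, wrong username" leak described a few comments earlier. The class name, the in-memory dictionaries and the scrypt parameters are assumptions made for the illustration.

```python
import hashlib
import hmac
import os
import secrets
import time
from typing import Optional

# Assumed scrypt parameters (memory-hard, so offline cracking of a leaked table is costly).
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2 ** 14, 8, 1
RESET_TOKEN_TTL = 15 * 60  # seconds a reset link stays valid

# Fixed salt used only to spend the same CPU time when a username does not exist,
# so response timing does not reveal which usernames are registered.
_DUMMY_SALT = b"\x00" * 16


def _hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.scrypt(password.encode("utf-8"), salt=salt,
                          n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=32)


class UserStore:
    """In-memory stand-in (constructed for this example) for an accounts table;
    it holds salted hashes and token digests, never passwords or live tokens."""

    def __init__(self):
        self.users = {}          # username -> {"salt": bytes, "hash": bytes}
        self.reset_tokens = {}   # sha256(token) -> (username, expiry timestamp)

    def create_user(self, username: str, password: str) -> None:
        salt = os.urandom(16)
        self.users[username] = {"salt": salt, "hash": _hash_password(password, salt)}

    def verify(self, username: str, password: str) -> bool:
        user = self.users.get(username)
        if user is None:
            _hash_password(password, _DUMMY_SALT)  # equalise timing, then reject
            return False
        # Lookup is by username only: because every hash has its own salt, the same
        # password can never match another account's record.
        return hmac.compare_digest(_hash_password(password, user["salt"]), user["hash"])

    def start_reset(self, username: str, now: Optional[float] = None) -> Optional[str]:
        """Issue a one-time reset token to be sent as a link. Returns None for unknown
        users; the caller should show the same 'if that account exists, we sent a link'
        message either way so the response does not confirm account existence."""
        if username not in self.users:
            return None
        now = time.time() if now is None else now
        token = secrets.token_urlsafe(32)
        digest = hashlib.sha256(token.encode("utf-8")).hexdigest()
        self.reset_tokens[digest] = (username, now + RESET_TOKEN_TTL)
        return token

    def complete_reset(self, token: str, new_password: str, now: Optional[float] = None) -> bool:
        now = time.time() if now is None else now
        digest = hashlib.sha256(token.encode("utf-8")).hexdigest()
        entry = self.reset_tokens.pop(digest, None)  # single use: consumed on first attempt
        if entry is None:
            return False
        username, expiry = entry
        if now > expiry:
            return False
        self.create_user(username, new_password)     # fresh salt and hash replace the old ones
        return True

    def stored_record(self, username: str) -> dict:
        """What the table actually holds for a user (hex-encoded for display)."""
        user = self.users[username]
        return {"salt": user["salt"].hex(), "hash": user["hash"].hex()}


if __name__ == "__main__":
    store = UserStore()
    store.create_user("alice", "correct horse battery staple")
    print("login ok:", store.verify("alice", "correct horse battery staple"))
    print("stored:", store.stored_record("alice"))
    token = store.start_reset("alice")
    print("reset ok:", store.complete_reset(token, "a new passphrase"))
    print("reused token ok:", store.complete_reset(token, "again"))
```

The `now` parameter exists so expiry can be tested deterministically; in service code it is left unset. Lifting the "unknown user" case to a dummy hash and returning the same message from `start_reset` regardless of outcome are the two details that most often get dropped when a team replaces a plaintext "send me my password" feature with a reset flow.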
> Defeated by such argument, I deleted my account.
I'd bet your account wasn't actually deleted, just marked as deleted or inactive.
Circa 2012 the San Francisco water bill pay was able to send me my password in plaintext when I forgot it. I was scandalized. But the alternative was to not pay the water bill, so I just made extra sure the password was very random and wasn't one that got re-used anywhere... I think they fixed this issue in the years since.
GNU Mailman still does this, and sends a monthly reminder email of your password.
Greetings, Bioconductor
Dude gets A++ on penmanship, seriously someone should make a font.
> In the US, fired and laid-off workers often have their digital credentials deactivated before they learn about the loss of their jobs; indeed, the inability to log in to a corporate system may be the first an employee knows of the situation.
They can still install traps that detonate if they are fired. A simple cron job is enough to wreak havoc.
Hire ethical people.
These are the cases why I understand HR kicks people out immediately during a layoff. But then the employee cries inhumanity and desires that they have access for weeks, when they no longer need to. It’s a risk that’s proven unwise. Blame the layoff, not the access revocation
It's very surprising that they would pass a background check. I've been denied an offer because of a low credit score multiple times.
> While this was going on, the brothers held a running conversation. (The government is not clear about whether this took place over text, instant message, or in person.)
Explain to me how we can have a transcript of a conversation without knowing whether it was in person or not. I'm baffled by this sentence.
Probably confession
The penmanship of the guy is extremely neat, like, uncannily so
Deleting data like that is a crime investigated by the FBI. In a very sad story, a brilliant former coworker made a mistake of deleting data after leaving employment and ended up in prison. Brilliant guy, momentary mistake. Overzealous employer.
Asked for the plaintext password, and then his brother made a “database query on the EEOC database and then provided the password”.
I wonder how many government dbs store passwords in plaintext…
Also, these guys sound like sociopaths. I bet some of their peers felt constant discomfort and threat just being near them.
This makes sense but also an employee who is dishonest is also a security risk; fired or not.
It's ridiculous that companies don't seem to care about ethics. They never seem to select candidates based on proven ethics. They don't even ask any such questions.
For example, I've been in at least 2 situations where I had the ability to inflict major damage to companies which had treated me very poorly and I could have legally gotten away completely whilst doing variants of 'the wrong thing' and profiting but I didn't do it because I have principles. Unfortunately it seems that few people do nowadays. Leaders are fooling themselves if they think they can completely factor out ethics and make it all about aligning incentives. Incentive alignment creates its own problems as this alignment requires constant maintenance and it's both expensive and detrimental in the long run. These people will tend to sabotage every aspect of their responsibilities which isn't directly measured... In order to gain leverage. It's not clever. It's crooked. Should not be rewarded.
My experience as a software developer is that managers always have lots of blind spots and the wrong people will take advantage of all of them, even when it negatively impacts the company.
Imagine the delete-fest the current White House is going to do in a few years,
all with pardons waiting so they can't be convicted
they might not even wait a few years
"Legal Eagle" has a new video about this. The administration's viewpoint is that the Presidential Records Act is unconstitutional, plus the President owns every document, so he can't be forced to return anything because it belongs to him.
They might not leave, at all.
[dead]
[flagged]
Don't be a bigot.
Oh, you can't say bad things or make jokes about people who did terrible things because they're not white. My mistake, m8.
Oh no, the workers have power!
My first thought. I was browsing comments to see if everyone from the US did their mandatory bootlicking and yes, they did. Of course they did.
People are weird. Their government is strongarming half the world at the moment and they do not pause and go "wait, does this mean that if we unionize we can threaten to wipe all the databases unless?"