IT admin deletes company’s databases and is jailed for seven years

Forensic experts correlated WiFi connectivity logs and timestamps with internal CCTV footage to confirm their suspicions

A hand typing on a laptop while binary code is displayed on the screen
(Image credit: Getty Images)
Zach Marzouk's avatar
By
published
in News

A former database administrator in China has been jailed for seven years after deleting data belonging to his employer Lianjia, a real-estate brokerage giant.

British 'Dark Overlord' hacker jailed for five years in the US Hackers to face 25 years in jail for cyber attacks on Australia's national infrastructure Yes, you can use Excel as an enterprise database tool

Han Bing allegedly performed the act in June 2018, according to Bleeping Computer. Bing used admin privileges and a root account to access the company’s financial system and delete data found on two database servers and two application servers.

The action immediately affected large parts of Lianjia’s operations which left tens of thousands of employees without salaries for an extended period. The company also had to carry out data restoration efforts which cost around $30,000.

Bing was one of five suspects in the data deletion incident, detailed documents released by the court of the People's Procuratorate of Haidian District. The administrator raised the authorities’ suspicion when he refused to give his laptop password to the company’s investigators.

"Han Bing claimed that his computer had private data and the password could only be provided to public authorities, or would only accept entering it himself and being present during the checks," reported local news outlet 4hou.

Technicians retrieved access logs from the servers and traced the activity to internal IPs and MAC addresses. The inspectors also retrieved WiFi connectivity logs and timestamps and eventually confirmed their suspicions by correlating them with CCTV footage.

RELATED RESOURCE

The truth about cyber security training

Stop ticking boxes. Start delivering real change.

FREE DOWNLOAD

The forensic expert also found that Bing had wiped the databases by using the commands “shred” and “rm”. The shred command overwrites the data three times with multiple patterns so they cannot be recovered while rm removes the symbolic links of the files.

Bing had previously informed his employer about security gaps in the company’s financial system and communicated his worries to other administrators through email. Despite this, he was largely ignored and his department’s leaders never approved the security project he had proposed.

Lianjia’s director of ethics testified at the court and said that Bing felt that his organisational proposals weren’t valued and often entered arguments with supervisors.

Zach Marzouk
Zach Marzouk

Zach Marzouk is a former ITPro, CloudPro, and ChannelPro staff writer, covering topics like security, privacy, worker rights, and startups, primarily in the Asia Pacific and the US regions. Zach joined ITPro in 2017 where he was introduced to the world of B2B technology as a junior staff writer, before he returned to Argentina in 2018, working in communications and as a copywriter. In 2021, he made his way back to ITPro as a staff writer during the pandemic, before joining the world of freelance in 2022.

Latest
You might also like
View More ▸