The story of a fired employee deleting 21.3 gigabytes of data from an NYC credit union is a common tale of weak security. 2020 will go on record for the sheer number of ransomware attacks against US businesses and government entities such as police stations. Many of those attacks were able to succeed because of weak security systems.
However, external attacks aren't the only source that credit unions need to be aware of. Employees have access to sensitive data, which makes them a security vulnerability. We've seen this vulnerability play out many times through weak passwords, clicking links within an email from an untrusted source, sharing passwords, and other weak security practices.
The NYC credit union attack took place at the end of May 2021. The former employee, Juliana Barile, 35, of Brooklyn, was able to log into the credit union's system two days after being fired and delete 21.3 gigabytes of data from the credit union's server. You might ask how that is possible since employee access is disabled once an employee is fired. That's a great question.
It goes back to the weakest link in a security system, often being the human link. At this particular credit union, which is unnamed in court documents, its IT department did not disable the employee's access, even though management sent a request to disable it. This failure allowed Barile to delete more than 20,000 files and almost 3,500 directories worth of data.
So far, the credit union has spent $10,000 to remediate the IT issues. However, that tab is likely to climb by quite a bit more. The credit union did have some backups of the destroyed data. The deleted data consisted mostly of mortgage applications. Barile also deleted the credit union's ransomware protection software.
Barile pled guilty to charges in court and is expected to face six to 12 months in prison.