Insider Signal - 2021.09
Employee destroys 21GB of data, $40.9m university sexual abuse settlement, social media mistakes thrust bank into the culture wars, and Beijing company suing IBM for trade secret misappropriation.
Fired Credit Union Employee Destroys 21 Gigabytes of Data
Juliana Barile, a former part-time remote employee at an undisclosed New York credit union, pleaded guilty to unauthorized access to the bank's computer network and destroying more than 21 gigabytes of data in retribution for having been fired.
Barile was fired on 19 May 2021, at which time a staff member asked the credit union's IT support firm to terminate Barile's credentials. However, the IT support firm failed to do so, and two days later, Barile logged in and deleted 20,000 files and 3,500 directories from the shared drive. Deleted files included mortgage loan applications and anti-ransomware software.
According to the indictment, Barile also opened confidential documents such as the bank's board minutes.
On 26 May, Barile texted a friend what she had done: "They didn't revoke my access so I deleted p drift lol. [...] I deleted their shared network documents."
This is yet another case where IT administrators failed to cut off or limit access to a terminated or disciplined employee.
Fortunately, the bank had backups of much of the deleted data.
The bank had to spend more than $10,000 to restore the deleted information.
Barile was working remotely due to Covid-19; she may have felt a sense of impunity due to her lack of in-person or other regular interactions with staff.
Managers should regularly check in with remote staff; remote staff may be feeling depressed, alienated, or bitter and it is important to create opportunities to assess their state of mind.
Some companies designate staff to study group video calls for signs that staff are struggling and may pose a risk.
The bank may wish to pursue criminal charges and a civil claim for restitution.
In many cases, victimized companies opt to limit the negative publicity by not pursuing charges or civil action.
Psst: Would you benefit from our Deeper Analysis section for the other three featured stories each month? Want to help ensure iThreat and Mike Gips are able to keep bringing you news and analysis of important insider threat incidents? If so, we would appreciate you becoming a paid subscriber to the Insider Signal Plus version of the newsletter!
Judge Tosses Out Hundreds of Sexual Abuse Lawsuits Against Ohio State University
A federal judge dismissed more than 300 civil claims filed against Ohio State University by former students and athletes who claim school officials failed to protect them from sexual predator Richard Strauss, a former team doctor for the university. A 2019 report by the university found officials had received many allegations of sexual abuse, up to and including rape, against Strauss but did not act in response. The report counted at least 177 students who were abused between 1978 and 1998.
Strauss abused male athletes in at least 16 sports, preying on them in examination rooms, locker rooms, showers, saunas, and elsewhere. Strauss would often get his victims to undress, then grope or fondle them. The civil cases were dismissed because the statute of limitations had expired. In May 2020, OSU announced a $40.9 million settlement with 162 survivors.
The university had long tolerated a culture of hazing in men's sports.
Strauss's activities were an open secret among staff and athletes; dozens of officials were aware of it.
People knew Strauss by nicknames such as Dr. Jellypaws.
Many of his actions were egregious; for example, when a young man from a rural area who had never had a medical exam came to see him, Strauss put a stethoscope on his penis. For another student who came in complaining of a sore throat, Strauss spent the entire exam fondling the student's genitals.
Chase Bank Thrashed for Threatening to Cancel General's Credit Cards
Chase Bank apologized to Lt. Gen. Michael Flynn after it had sent his wife a letter saying that it would cancel their credit cards. The August letter said: "We decided to close your credit cards on September 18, 2021 because continuing the relationship creates possible reputational risk to our company." Flynn had pleaded guilty to a charge of making false statements to the FBI about his communications with Russia in late 2017 and was later pardoned by Donald Trump.
Flynn responded to the Chase Bank letter with a social media tirade, accusing Chase of being "full-blown woke." He added, "I pray Chase Bank and all their cancel culture partners think twice about what they are doing to destroy the fabric of our constitution." Followers weighed in with promises to cease doing business with Chase.
Chase Bank claims the letter was sent in error.
If it indeed was an error, the case shows how a single act can snowball into severe reputational damage for an organization.
Flynn has 280,000 Twitter followers.
Flynn's social media posts were liked and forwarded thousands of times, often with bitter denunciations of Chase.
Organizations must be wary of wading into the culture wars when they publicly declare that a customer, partner, or other entity constitutes a reputational risk.
IBM Sued by Chinese Partner for Customer Data Theft
Beijing Neu Cloud Oriental System Technology Co., Ltd., a distributor of IBM Power Systems servers, has sued IBM for trade secret misappropriation arising from "fraudulent and unfair business practices." IBM allegedly encouraged employees at another strategic partner, Inspur, to access Neu Cloud's customer information without having authority to do so.
The suit says Neu Cloud's parent company TeamSun "developed technology solutions upon IBM Power Systems products and actively marketed them in China." Neu Cloud agreed to buy its servers and related equipment exclusively from IBM. The complaint alleges IBM created a new joint relationship with Inspur, forcing Neu Cloud to buy from Inspur instead of IBM Power.
Inspur allegedly accessed Neu Cloud's confidential customer information from IBM to reach out directly to those customers, harming Neu Cloud.
The case involves complicated issues involving multiple strategic partners and joint ventures.
Neu Cloud contends that Inspur profited from the knowledge of Neu Cloud customers.
Neu Cloud claims that it has lost market share and sales opportunities.
According to the complaint, "Neu Cloud was completely reliant upon IBM's good-faith cooperation and willingness to supply Power Systems products on favorable prices and conditions, and IBM controlled Neu Cloud's pricing and sourcing for its products."
More Insider Threat Stories - September 2021
Pastor and Treasurer Looted Their Own Church
Wendi Wishnefsky McLamb, 52, has been charged with felony embezzlement and felony conspiracy for teaming with her husband, Ransom Wade McLamb Jr., over 7 years to swindle $136,036.81 worth of financial property from Sabbath Home Baptist Church in Supply, North Carolina. Ransom McLamb was the church's pastor, and Wendi McLamb was its treasurer and secretary. Source: https://www.wect.com/2021/09/30/search-warrants-reveal-new-details-about-former-pastor-treasurer-arrested-church-embezzlement/
Jordanian Agriculture Ministers Imprisoned for Embezzlement
Two of Jordan's Ministry of Agriculture ministers, both unidentified, have been sentenced to 5 years in prison each and ordered to pay restitution for the embezzlement of 365,128 dinars. A third defendant, the wife of one of the ministers, was acquitted of helping them hide the funds. Source: https://en.ammonnews.net/article/53105
Mississippi Court Clerk Taps into Crime Victim Restitution Funds
Former Mississippi circuit court clerk Jeffrey O'Neal has been indicted on four counts of embezzlement of more than $200,000. O'Neal purportedly wrote checks to himself instead of to the Stone County general fund and took money due to be returned to crime victims. Suspicions arose when O'Neal failed to file multiple annual financial reports that chancery and circuit court clerks must file under state law. The reports indicate how much clerks pay themselves from fees that their office earns. Source: https://www.wlox.com/2021/09/27/former-stone-county-court-clerk-indicted-embezzlement-charges/
Elections Supervisor Allegedly Copied Hard Drives of Voting Machines
The Colorado Secretary of State has sued Tina Peters, a clerk in Mesa County, Colorado, for allegedly sending an unauthorized person into the elections office with an access card to copy the hard drives of voting machines. The lawsuit aims to strip Peters and her deputy of their official duties. Deniers of the 2020 Presidential election were discovered to have copies of the files on the hard drive. Officials are considering criminal charges. Source: https://www.washingtonpost.com/context/colorado-secretary-of-state-lawsuit-against-mesa-county-clerk-tina-peters/23fa2833-0b93-4034-9f40-3b204ce87fd5/
Financial Secretary at Auto Union Misappropriated $2M
Auditors from the United Auto Workers Union have discovered an unnamed financial secretary at Local 412 in Warren, Michigan made more than $2 million in "improper personal expenditures." According to the Detroit News, the audit findings occurred after the UAW "implemented new monetary control measures amid a years-long federal investigation into corruption within the union that has resulted in the convictions of 15 people, including two former UAW presidents, and put it under an independent monitor." Source: https://www.bakersfield.com/ap/news/uaw-identifies-2m-in-improper-expenditures-at-michigan-local/article_d5da521e-5bff-58c9-ba22-9b26414fe48d.html
Chick-fil-A Workers Plucked Customer Payments
Larry James Black Jr., 37, formerly the director for hospitality at Five Points South Chick-fil-A in Birmingham, Alabama, pleaded guilty in federal court to conspiracy to commit wire fraud and bank fraud. Codefendant Joshua Daniel Powell, 40, who worked with Black, pleaded guilty to conspiracy to commit wire fraud. Black and Powell diverted $492,000 in customer credit payments, many for large catering orders, to bank accounts under their control. The accounts were designed to look like Chick-fil-A accounts. Source: https://www.al.com/news/birmingham/2021/09/ex-birmingham-chick-fil-a-workers-plead-guilty-to-pocketing-thousands-from-customers-to-fund-lavish-lifestyles.html
UK Ministry of Defence Exposed Identities of Afghan Interpreters
In a case of insider threat stemming from user error, the UK's Ministry of Defence is investigating an email sent by its Afghan relocation unit that included the names and contact information of Afghan interpreters who have worked with UK officials and have been unable to flee Afghanistan, now under Taliban control. The email included profile pictures of interpreters, putting them at grave risk of Taliban retribution. A follow-up email urged recipients to delete the first email. Source: https://www.bbc.com/news/uk-58629592
Flying-Car Manufacturer Sues Rival for Trade Secret Theft
Wisk Aero, a company that has spent years trying to develop flying cars, has sued competitor Archer Aviation on allegations of hiring Wisk engineers and getting Wisk trade secrets. Wisk claims that these engineers had downloaded confidential documents before decamping to Archer. The court rejected Wisk's attempt for a preliminary injunction after hearing evidence that many of Archer's innovations came independently of Wisk trade secrets. The case is expected to go to trial. Source: https://www.theverge.com/2021/4/6/22369921/wisk-sues-archer-trade-secrets-theft-flying-taxi
Spanish Mayor On Trial for Embezzlement
Mario Jimenez, the mayor of Manilva, a town on Spain's southern coast, is on trial for allegedly embezzling more than 200,000 euros earmarked for urbanization projects. His wife, Antonia Munoz, is being tried on similar charges. Prosecutors claim that the funds were not approved for the projects and that the town treasury opposed the disbursement. Source: https://then24.com/2021/09/19/the-former-communist-mayor-of-manilva-iu-on-trial-for-prevarication-and-embezzlement-with-the-current-councilor/
Kenyan Sports Minister Had Field Day with Olympic Funds
Former Kenyan sports minister Hassan Wario was sentenced to a six-year jail term after being convicted of embezzlement at the 2016 Rio Olympics. He was one of six Kenyan officials charged with misappropriating 55 million shillings by the purchase of airline tickets, overpayment of expenses, and payments for unauthorized people. One other official was convicted, while four others were acquitted. Source: https://www.reuters.com/world/africa/kenyan-court-jails-ex-sports-minister-six-years-over-graft-2021-09-16/