Miklos Daniel Brody, a cloud engineer, was sentenced to two years in prison and a restitution of $529,000 for wiping the code repositories of his former employer in retaliation for being fired by the company. 

First Republic Bank was a commercial bank in the U.S., employing over seven thousand people and having an annual revenue of $6.75 billion. The bank closed on May 1, 2023, and was sold to JPMorgan Chase.

According to the U.S. Department of Justice (DoJ) announcement, Brody was fired on March 11, 2020, from First Republic Bank (FRB) in San Francisco, where he worked as a cloud engineer.

The court documents state that Brody’s employment was terminated after he violated company policies by connecting a USB drive containing pornography to company computers.

Following his dismissal, Brody allegedly refused to return his work laptop and instead used his still-valid account to access the bank’s computer network and cause damages estimated to be above $220,000

“Among other things, Brody deleted the bank’s code repositories, ran a malicious script to delete logs, left taunts within the bank’s code for former colleagues, and impersonated other bank employees by opening sessions in their names,” describes the U.S. DOJ announcement.

“He also emailed himself proprietary bank code that he had worked on as an employee, which was valued at over $5,000.”

Until his access to FRB’s network was eventually terminated on March 12, 2020, Brody had performed the following actions:

• Ran a malicious script named “dar.sh” to wipe FRB’s servers
• Deleted git logs and git commit history for the particular script
• Accessed FRB’s GitHub repository and deleted the hosted code
• Inserted ‘taunts’ in the code, including references to “grok”
• Impersonated another cloud engineer at FRB to access the firm’s network and make configuration changes

After the incident, Brody falsely reported to the San Francisco Police Department that the FRB-issued laptop had been stolen from his car.

He continued to uphold this story when interviewed by United States Secret Service agents following his arrest in March 2021.

Eventually, in April 2023, Brody pleaded guilty to lying about the laptop and to two charges concerning violation of the Computer Fraud and Abuse Act.

In addition to the two-year prison term and the payment of the restitution, Brody will serve three years of supervised release.

Resource : https://www.bleepingcomputer.com/news/security/cloud-engineer-gets-2-years-for-wiping-ex-employers-code-repos/