Sometimes folks do stupid things to former employers out of spite. These actions can be quite harmful, but often they’re just embarrassing. Former Tribune employee Matthew Keys’ actions fell on the embarrassing side. He gave his username and password to a member of Anonymous, who then changed the headline of a story on the Los Angeles Times website.
For this, Keys has been charged with a federal crime and could go to prison:
Matthew Keys, 26, of Secaucus, N.J., was charged in the Eastern District of California with one count each of conspiracy to transmit information to damage a protected computer, transmitting information to damage a protected computer and attempted transmission of information to damage a protected computer. …
Each of the two substantive counts carry a maximum penalty of 10 years in prison, three years of supervised release and a fine of $250,000. The conspiracy count carries a maximum penalty of five years in prison, three years of supervised release and a fine of $250,000.
Just as with the Aaron Swartz case (and really most federal prosecutions), Keys won’t face anywhere near the maximum penalties. But obviously the feds are piling on any possible charge to intimidate him into a plea agreement.
More importantly, there was no actual hacking here. Keys gave an Anonymous member his old access information after losing his job with a Tribune-owned television station in 2010. It turned out the codes still worked. Once Tribune discovered his old access information was being used, they locked him out. The end. Tribune could have saved itself this minor embarrassment (An image of the hack was posted on Reddit! The horrors!) if they had blocked his online access when he left the job.