A former IT contractor from Ohio has admitted to launching a cyberattack towards his employer’s community in retaliation for being terminated, federal prosecutors introduced this week.
Maxwell Schultz, 35, of Columbus, Ohio, pleaded responsible to laptop fraud costs after main a technical assault that locked 1000’s of staff out of their techniques nationwide.
On Might 14, 2021, Schultz was fired from his contract place within the firm’s IT division. Fairly than accepting the termination, he selected to strike again digitally.
Shortly after his dismissal, Schultz impersonated one other contractor to fraudulently receive legitimate login credentials, gaining unauthorized entry to the corporate’s community.
As soon as contained in the system, Schultz executed a PowerShell script designed to trigger most disruption.
The malicious code reset roughly 2,500 worker passwords concurrently, successfully locking 1000’s of employees and contractors out of their computer systems throughout a number of places.
Schultz didn’t cease at password resets. He actively sought strategies to delete digital proof of his unauthorized entry, together with PowerShell occasion logs and system logs.
Regardless of clearing a number of logs, investigators finally traced the assault again to him. The corporate suffered vital monetary losses exceeding $862,000.
These damages included widespread worker downtime, disrupted customer support operations, and intensive labor prices required to revive normal community performance.
The ripple results impacted each inside operations and buyer relationships. As a part of his responsible plea, Schultz acknowledged that anger over his termination motivated the assault. He now faces severe federal penalties.
U.S. District Choose Lee Rosenthal will sentence Schultz on January 30, 2026. He faces as much as 10 years in federal jail and a most advantageous of $250,000.
The FBI led the investigation, with Assistant U.S. Attorneys Rodolfo Ramirez and Michael Chu prosecuting the case.
This case highlights the vital significance of instantly revoking system entry for terminated staff, significantly these with administrative privileges.
Observe us on Google Information, LinkedIn, and X for day by day cybersecurity updates. Contact us to characteristic your tales.
