IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

IT admin deletes company’s databases and is jailed for seven years

Forensic experts correlated WiFi connectivity logs and timestamps with internal CCTV footage to confirm their suspicions

A former database administrator in China has been jailed for seven years after deleting data belonging to his employer Lianjia, a real-estate brokerage giant.

Han Bing allegedly performed the act in June 2018, according to Bleeping Computer. Bing used admin privileges and a root account to access the company’s financial system and delete data found on two database servers and two application servers.

The action immediately affected large parts of Lianjia’s operations which left tens of thousands of employees without salaries for an extended period. The company also had to carry out data restoration efforts which cost around $30,000.

Bing was one of five suspects in the data deletion incident, detailed documents released by the court of the People's Procuratorate of Haidian District. The administrator raised the authorities’ suspicion when he refused to give his laptop password to the company’s investigators.

"Han Bing claimed that his computer had private data and the password could only be provided to public authorities, or would only accept entering it himself and being present during the checks," reported local news outlet 4hou.

Technicians retrieved access logs from the servers and traced the activity to internal IPs and MAC addresses. The inspectors also retrieved WiFi connectivity logs and timestamps and eventually confirmed their suspicions by correlating them with CCTV footage.

Related Resource

The truth about cyber security training

Stop ticking boxes. Start delivering real change.

Pair of feet in socks with a chair and plant in the backgroundFree download

The forensic expert also found that Bing had wiped the databases by using the commands “shred” and “rm”. The shred command overwrites the data three times with multiple patterns so they cannot be recovered while rm removes the symbolic links of the files.

Bing had previously informed his employer about security gaps in the company’s financial system and communicated his worries to other administrators through email. Despite this, he was largely ignored and his department’s leaders never approved the security project he had proposed.

Lianjia’s director of ethics testified at the court and said that Bing felt that his organisational proposals weren’t valued and often entered arguments with supervisors.

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download

Recommended

Skills shortages expected to hit over 90% of Australian and New Zealand businesses
Careers & training

Skills shortages expected to hit over 90% of Australian and New Zealand businesses

28 Jun 2022
Why India wants to become a chipmaking powerhouse
components

Why India wants to become a chipmaking powerhouse

28 Jun 2022
Samsung fined $14 million over misleading water resistance claims across its Galaxy smartphones
Mobile Phones

Samsung fined $14 million over misleading water resistance claims across its Galaxy smartphones

23 Jun 2022
Toshiba eyes $22bn buyout offer in bid to go private
Business strategy

Toshiba eyes $22bn buyout offer in bid to go private

23 Jun 2022

Most Popular

Salaries for the least popular programming languages surge as much as 44%
Development

Salaries for the least popular programming languages surge as much as 44%

23 Jun 2022
The UK's best cities for tech workers in 2022
Business strategy

The UK's best cities for tech workers in 2022

24 Jun 2022
LockBit 2.0 ransomware disguised as PDFs distributed in email attacks
Security

LockBit 2.0 ransomware disguised as PDFs distributed in email attacks

27 Jun 2022