News Hub

IT employee jailed for deleting ex-employer’s AWS servers

Written by Fri 22 Mar 2019

Amazon web services

Former Voova employee jailed for two years for revenge AWS rampage

A Manchester employee has been jailed for stealing his ex-employer’s credentials, accessing its AWS accounts and terminating 23 servers.

Steffan Needham, 36, of Bury, Greater Manchester was jailed for two years for the costly backend breaches following a nine-day trial at Reading Crown Court, Thames Valley Police reported Monday.

Needham pleaded not guilty to two charges of the Computer Misuse Act, but was found guilty in January.

The charges relate to a two-day period in May 2016. Needham, who had just been fired by digital marketing and software company Vooma after four weeks of poor performance, decided to fire back.

Needham hacked into his colleague’s computer account, changed their password and tore through the account settings, before moving on to Voova’s AWS servers, terminating them one-by-one.

Half a million up in smoke

The company, that provided marketing services to major transport companies including Coachline.com, lost a series of big contracts due to the downtime. Police estimate the damage cost Voova around £500,000 in losses. It had to lay off several employees and never managed to recover the data.

Needham went undetected until March 2017 until police tracked him down when he was working for DevOpsConsulting.co.uk in Manchester.

During the trial security expert Richard Moss highlighted that the crisis could have been averted with simple security procedures, such as 2FA.

“Security could have been better at Voova… there was no multi-factor authentication, a means of confirming the user ID which requires a user to verify their identification by something they know or posses,” he said.

Investigating officer Detective Constable Giles Murphy, of the Cyber Crime team at Loddon Valley police station, said: “This sentence demonstrates the seriousness of this case, which was aggravated by Needham seeking revenge.”

“We hope this serves as a warning to those who may be involved in cyber crime.”

Written by Fri 22 Mar 2019


AWS Cloud cyber security
Send us a correction Send us a news tip