|
A bank's failure to disable former employee accounts allowed them to retain network access after a layoff
Incident Date: 2001 (or prior) Incident Location: According to a CEO of a security company, a merchant bank failed to take proper security precautions after laying of 5,000 employees. The bank failed to deactivate the former employees’ passwords when they were terminated. Research revealed that 40% of the ex-employees had entered the bank’s network even after the layoff. The CEO reports that the bank personnel capable of disabling the accounts simply had not been educated to follow the procedure during terminations. Story Sources Title: Making Security a User Issue Author: Mark Street Date: 3/26/2001 Publication: IT Week Publication Location: USA Publication URL: http://www.pentasafe.com/news/itweekdougerwininterview.pdf Do you have additional information to contribute regarding this story? If so, please email siteupdates@passwordresearch.com with the details and source.
<-- Back to Authentication Story Index |