A bank's failure to disable former employee accounts allowed them to retain network access after a layoff

Incident Date: 2001 (or prior)
Incident Location:

According to a CEO of a security company, a merchant bank failed to take proper security precautions after laying of 5,000 employees. The bank failed to deactivate the former employees’ passwords when they were terminated. Research revealed that 40% of the ex-employees had entered the bank’s network even after the layoff. The CEO reports that the bank personnel capable of disabling the accounts simply had not been educated to follow the procedure during terminations.

Story Sources

Title: Making Security a User Issue
Author: Mark Street
Date: 3/26/2001
Publication: IT Week
Publication Location: USA
Publication URL: http://www.pentasafe.com/news/itweekdougerwininterview.pdf

Do you have additional information to contribute regarding this story? If so, please email siteupdates@passwordresearch.com with the details and source.

<-- Back to Authentication Story Index

[Home] [About Us] [News] [Research]

Copyright © 2016 PasswordResearch.com