Portuguese 
English 
Spanish 
3 min of reading 
34 comments 
A Company Neglected The Revocation Of IT Access After Firing An Employee, Resulting In A Major Financial Loss.
A technology company in Singapore faced enormous losses after failing in a critical aspect of IT security – the revocation of access from a terminated employee.
The incident resulted in the loss of nearly R$ 4 million in virtual servers of the company.
The Carelessness That Cost Dearly
In October 2022, NCS fired software engineer Kandula Nagaraju due to unsatisfactory performance.
-
An unexpected problem arises in São Paulo: thousands of artesian wells operate under toxic risk and put aquifers that help supply water to 22 million people on alert.
-
The world’s most advanced satellite has just been launched by China and can sniff out greenhouse gases from space using technology that did not exist before. Along with 149 other satellites, it forms a network capable of detecting any environmental crime on the planet without anyone being able to hide.
-
Young Brazilians depart this week for a world robotics tournament in Houston and could surprise the world with innovative projects that place Brazil among the greatest technological powers.
-
Robot dogs with the faces of Musk, Bezos, and Zuckerberg invade a museum in Berlin and demonstrate how tech billionaires, artificial intelligence, and algorithms are already shaping what millions of people see, think, and consume every day.
However, what should have been a routine termination turned into a corporate nightmare.
NCS did not immediately revoke Nagaraju’s IT access, allowing him, driven by resentment, to use his credentials to cause irreparable damage to the company’s systems.
In the following months, the former employee accessed NCS’s virtual servers and, using scripts found online, deleted 180 servers essential for software testing operations.
Although the servers did not store sensitive data, their destruction caused a halt in the company’s internal processes, resulting in losses of nearly R$ 4 million.
A Planned Retaliation Against The Company’s IT System
After his dismissal, Nagaraju returned to India but kept his access credentials active. In January 2023, he made six unauthorized accesses to NCS’s systems using his personal laptop.
Upon returning to Singapore, where he started a new job, he continued exploring vulnerabilities of his previous employer.
Staying at a former colleague’s house, he used the shared Wi-Fi network to mask his illicit activities.
For three months, Nagaraju devised a meticulous retaliation plan. Using scripts obtained online, he developed a program that systematically deleted the company’s virtual servers.
When executed, the code resulted in the complete loss of testing systems, forcing NCS to allocate resources for recovery.
The Legal and Business Consequences
An internal investigation revealed the source of the unauthorized access and led to the identification of Nagaraju as the author of the attacks.
The Singapore police located the code responsible for the destruction on his laptop, resulting in his arrest and subsequent conviction.
The Singapore court sentenced Nagaraju to two years and eight months in prison for unauthorized access and intentional damage.
The case served as a warning about the severity of digital retaliation in an increasingly reliance on secure IT infrastructure.
For NCS, the losses were far more than financial. The incident exposed critical failures in the company’s security protocols and tarnished its reputation in the technology sector.
Clients and partners questioned the company’s ability to protect its digital assets, demanding swift measures to prevent future occurrences.
Lessons Learned and Preventive Measures
This incident reinforced a fundamental principle that many companies neglect: revoke access immediately upon an employee’s termination.
NCS’s mistake highlighted how the lack of a rigorous offboarding process can lead to catastrophic operational and financial damages.
To avoid similar situations, security experts recommend the following preventive measures:
- Immediate Revocation Of Access: As soon as an employee is terminated, all access credentials should be disabled.
- Continuous Monitoring: Periodic audits can identify attempts of unauthorized access and prevent incidents.
- Multi-Factor Authentication: The use of two-step authentication makes unauthorized access difficult even with compromised credentials.
- Clear IT Policies: Well-defined rules on information security should be implemented for all employees.
Bem feito.. eu faria o mesmo ou até pior . devem ter sacaneado muito o cara .metas e cobrança absurdas com chefes puxa saco e incapacitados
O cara poderia ter tomado outro rumo sem optar pela vingança,ele se queimou nessa área!!
Muito ****