Washington: An Indian national has been sentenced by a US court in California to two years in prison, who after being fired by his company accessed its server and deleted over 1,200 Microsoft user accounts, according to a statement.
Deepanshu Kher was arrested when he flew from India to the United States on January 11, 2021, unaware of the outstanding warrant for his arrest.
This act of sabotage was destructive for this company, said Acting US Attorney Randy Grossman on Tuesday.
In pronouncing the sentence, US District Court Judge Marilyn Huff noted that Kher perpetrated a significant and sophisticated attack on the company, an attack which was planned and clearly intended as revenge.
In addition to the two years in custody, Judge Huff sentenced Kher to three years supervised release and restitution to the Company of USD 567,084, the amount that the Company paid to fix the problems which Kher caused.
According to court documents, Kher was employed by an information technology consulting firm from 2017 through May 2018. In 2017, the consulting firm was hired by the Carlsbad Company to assist with its migration to a Microsoft Office 365 (MS O365) environment.
In response, the consulting firm sent its employee, Kher, to the company’s Carlsbad headquarters to assist with the migration.
The company was dissatisfied with Kher’s work and relayed their dissatisfaction to the consulting firm soon after Kher’s arrival. In January 2018, the consulting firm pulled Kher from the company’s headquarters.
A few months later, on May 4, 2018, the firm fired Kher, and a month after that, in June 2018, Kher returned to Delhi, India.
On August 8, 2018, two months after his return to India, Kher hacked into the Carlsbad Company’s server and deleted over 1,200 of its 1,500 MS O365 user accounts.
Federal prosecutors alleged that the attack affected the bulk of the company’s employees and completely shut down the company for two days.
As the company’s Vice President of Information Technology (IT) explained, the impact was felt inside and outside the company.
Employees’ accounts were deleted and they could not access their email, contacts lists, meeting calendars, documents, corporate directories, video and audio conferences, and the Virtual Teams environment necessary for them to perform their jobs, prosecutors said.