Companies frequently confront threats to their confidential information from insiders such as disgruntled employees. A recent federal indictment, however, shows that the “insider” threat can persist even after an employee is terminated.
The federal government recently charged Nima Kalbasi, a former engineer for the Tesla Motors company, with three counts of computer intrusion (under the Computer Fraud & Abuse Act), related to his alleged access of an ex-manager’s email account.
According to an indictment filed in the Northern District of California federal court, Tesla terminated Mr. Kalbasi from his employment in December 2014.
Just two weeks later, Mr. Kalbasi allegedly gained ex-access to his manager’s email account and downloaded emails containing customer complaints and employee evaluations. He then allegedly posted one such customer complaint on a public website and made disparaging comments about the company.
Mr. Kalbasi faces two felony counts and one misdemeanor count based on his alleged actions.
While the indictment does not identify the background behind Mr. Kalbasi’s termination, companies should be wary that terminating a disgruntled employee does not always end the insider threat.
What steps does your company take to protect itself and its information from terminated employees?