It's no secret on this blog that when employment relationships go sour, criminal charges can be one potential result. Now we have another example, by way of the recent indictment of Arturas Samoilovas.
According to the indictment, filed in Ohio federal district court, Samoilovas worked as a contract employee for Eaton Corporation as a financial analyst. In April 2014, he applied for several full-time positions, but was told that he didn’t get the jobs. Unhappy about the rejections, Samoilovas “accessed the Eaton Corporation’s computer system,” inserting “certain malicious computer codes … into six … financial spreadsheets.” If executed, these codes would have resulted in deleted files. In other words, they were malware.
Unfortunately for Samoilovas, the federal government decided to indict him for these alleged actions under the Computer Fraud and Abuse Act (CFAA), 18 U.S.C. § 1030. CFAA prohibits conduct that victimizes computer systems. Samilovas was charged under § 1030(a)(5)(A) and 1030(b). Under § 1030(a)(5)(A), a person commits a crime when he (1) knowingly causes transmission of a program, information, code, or command in order to (2) intentionally cause damage to a protected computer without authorization. Section 1030(b) prohibits an attempt to cause this crime.
These violations can be treated as felonies rather than misdemeanors if a person causes the following harms: a loss of at least $5,000 during a one-year period; an actual or potential effect on medical care; physical injury; a threat to public health or safety; damage to a computer used in the administration of justice, national defense, or national security; or damage affecting ten or more protected computers during any one-year period. The potential sentence for a felony charge is 10 years for a first offense that doesn’t cause bodily injury or death.
According to Law360, Samoilovas pleaded not guilty to the charge and was released on a $20,000 bond.