An Indian national has been sentenced by a US court in California to two years in prison, who after being fired by his company accessed its server and deleted over 1,200 Microsoft user accounts, according to a statement.
Deepanshu Kher was arrested when he flew from India to the United States on January 11, 2021, unaware of the outstanding warrant for his arrest.
“This act of sabotage was destructive for this company,” said Acting US Attorney Randy Grossman on Tuesday.
In pronouncing the sentence, US District Court Judge Marilyn Huff noted that Deepanshu Kher perpetrated a significant and sophisticated attack on the company, an attack which was planned and clearly intended as revenge.
In addition to the two years in custody, Judge Huff sentenced Deepanshu Kher to three years” supervised release and restitution to the Company of USD 567,084, the amount that the Company paid to fix the problems which Deepanshu Kher caused.
According to court documents, Deepanshu Kher was employed by an information technology consulting firm from 2017 through May 2018. In 2017, the consulting firm was hired by the Carlsbad Company to assist with its migration to a Microsoft Office 365 (MS O365) environment. In response, the consulting firm sent its employee, Deepanshu Kher, to the company’s Carlsbad headquarters to assist with the migration.
The company was dissatisfied with Deepanshu Kher’s work and relayed their dissatisfaction to the consulting firm soon after Deepanshu Kher’s arrival. In January 2018, the consulting firm pulled Deepanshu Kher from the company’s headquarters.
A few months later, on May 4, 2018, the firm fired Deepanshu Kher, and a month after that, in June 2018, Deepanshu Kher returned to Delhi, India.
On August 8, 2018, two months after his return to India, Deepanshu Kher hacked into the Carlsbad Company’s server and deleted over 1,200 of its 1,500 MS O365 user accounts.
Federal prosecutors alleged that the attack affected the bulk of the company’s employees and completely shut down the company for two days.
As the company’s Vice President of Information Technology (IT) explained, the impact was felt inside and outside the company.
Employees’ accounts were deleted – they could not access their email, their contacts lists, their meeting calendars, their documents, corporate directories, video, and audio conferences, and Virtual Teams environment necessary for them to perform their jobs, prosecutors said.