Handyman favorite Home Depot, which recently suffered one of the worst consumer data leaks in history, just learned a lesson the hard way: Always run background checks on your security team. Amid a massive investigation into the company’s information security practices, it turns out their former senior architect of IT security was fired from his last job for sabotaging his employer’s network–and is now serving federal prison time.
According to Ars Technica, Ricky Joe Mitchell, who was hired by Home Depot in 2012 and promoted to the senior architect role in 2013, took his ex-employer EnerVest Operating’s systems offline for a month when he found out he was being fired. The damage–caused by remotely resetting the company’s servers to factory settings–is believed to have cost as much as $1 million in lost business. It’s important to note that Mitchell has not been tied to the Home Depot hack in any way by authorities.
Information assurance employees at Home Depot told the New York Times that when they requested extra training and resources to keep customer and employee data safe, managers always gave the same response: “We sell hammers.”