Related Stories

Top 5 Stories


Unfashionable network breach at Gucci’s

06 April 2011

A Gucci network engineer who was fired by the company used his expertise and insider access to wreck havoc on the IT systems of the Italian fashion house, according to an indictment by Manhattan District Attorney Cyrus R. Vance Jr.

Sam Chihlung Yin created a fake VPN token in the name of a fictional employee in order to access Gucci’s network after he was fired. He tricked IT personnel at the company into activating the VPN, enabling him to delete documents and emails, as well as shut down the server for 24 hours.

In total, the district attorney estimated that Yin caused $200,000 in damages as a result of diminished productivity, document restoration and remediation measures, and other expenses.

According to the indictment, Yin accessed Gucci’s network on Nov. 12, 2010, deleted several servers, shut down a storage area network, and deleted a disk containing the corporate mailboxes from an email server.

“As a result, Gucci staff was unable to access any documents, files, or other materials saved anywhere on its network. Additionally, Yin's destruction of data from the e-mail server cut off the e-mail access not only of corporate staff, but also of store managers across the country and the e-commerce sales team, resulting in thousands of dollars in lost sales”, according to a statement from the Manhattan District Attorney’s office.

Yin faces a 50-count indictment that includes charges of computer tampering, identity theft, falsifying business records, computer trespass, criminal possession of computer-related material, unlawful duplication of computer-related material, and unauthorized use of a computer.

"Computer hacking is not a game. It is a serious threat to corporate security that can have a devastating effect on personal privacy, jobs, and the ability of a business to function at all", Vance concluded.

This article is featured in:
Data Loss  •  Identity and Access Management  •  Public Sector


Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×