‘Disgruntled’ British IT worker jailed for hacking employer after being suspended

A British IT worker who launched what police described as a cyberattack against his employer after being suspended from work has been jailed for seven months.

According to West Yorkshire Police, within hours of his suspension in July 2022, Mohammed Umar Taj attempted to take revenge on his employer.

The unidentified firm, which has clients in the United Kingdom as well as in Germany and Bahrain, said it suffered “significant disruption” and lost at least £200,000 (about $275,000) due to the attack, as well as suffered reputational harm.

Taj — who was sentenced on June 26, after previously pleading guilty to a Computer Misuse Act offense — accessed his employer’s systems to alter login credentials and disrupt its daily activities.

A day later, Taj then “changed access credentials and the company’s multi-factor authentication so that he could adversely impact the activities of the firm’s clients both in the UK and overseas in Germany and Bahrain.”

Investigators from West Yorkshire Police’s cyber team discovered that Taj had kept recordings of his activities and had discussed the attack in phone recordings that forensics specialists were able to recover.

Appearing before Leeds Crown Court last week, Taj was sentenced to seven months and 14 days custody.

Detective Sergeant Lindsey Brants of West Yorkshire Police’s cybercrime team said: “Taj set out to get revenge on his employer following his suspension from work. He did so by targeting their IT system, which he had privileged access to. By doing this he created a ripple effect of disruption far beyond the shores of the UK.

“Protecting your network prevents data loss and costly cyber attacks. It also maintains trust with clients and stakeholders,” said Brant. “We urge all businesses to look at their network security.”