A significant security breach occurred when an American city's water utility was compromised due to the failure to revoke login credentials of a former employee. Nicole Beckwith, a security consultant, revealed that a hacker exploited an unused account belonging to a past employee, ‘Greg from Auditing,’ who had not worked at the city for years. This allowed the attacker to access the city's online systems and manipulate controls related to the water supply, posing a serious risk to public safety.
Today’s reminder to terminate employees’ credentials when their employment ends
CyberSIXT Evidence Panel
Primary Source
theregister.com
Article by CyberSIXT