Passwords and Former Employees
We regularly see issues involving former employees and passwords – routine close out of passwords and access after separation (and regular password change protocol for current employees) is critical, of course. One employer went on the offensive recently, and won. The Ninth Circuit Court of Appeals upheld a criminal conviction of a former employee who used the login credentials of a current employee to access his former employer’s confidential client database. In doing so, the Court found the employee had violated the Computer Fraud and Abuse Act’s (“CFAA”) prohibition in knowingly accessing a protected computer without authentication. With the increased scrutiny on cyber-security, this may be a useful tool for employers who are victims of data breaches.