Angry IT Admin Sentenced to 7 Years for Deleting Employer’s Databases

Former employee of the major real estate company Lianjia, Han Bin, has been sentenced to seven years in prison after accessing corporate systems and deleting critical data. In June 2018, Bin, who worked as a database administrator, used his privileged access and superuser rights to enter Lianjia’s financial system. He then deleted all data stored on two database servers and two application servers.

As a result of Bin’s actions, most of the company’s operations immediately came to a halt, leaving tens of thousands of employees without pay for an extended period. Lianjia spent about $30,000 to recover the lost data. The indirect damage from the disruption of business operations was much greater, as Lianjia operates thousands of offices with over 120,000 brokers. The company also owns 51 subsidiaries and has a market value of $6 billion.

Bin quickly became a suspect because he refused to provide investigators with the password to his laptop. According to investigators, they knew that such a crime would not leave traces on the laptop and simply wanted to observe the suspects’ reactions—there were five suspects at the time.

Ultimately, technical staff extracted access logs from the servers and traced the activity to internal IP and MAC addresses. Inspectors were even able to obtain Wi-Fi connection logs and timestamps. However, the most crucial evidence against Bin came from surveillance camera footage.

Interestingly, Bin had repeatedly warned his superiors about security issues in the financial system and even sent emails to other administrators. However, his warnings were ignored, and the department’s management never approved his proposed security enhancement project.