A federal jury in Minneapolis, Minnesota found a local man guilty of intentionally damaging his former employer's network before leaving the company.
The man's name is Christopher Victor Grupe, 46, and from September 2013 until December 2015 he worked as an IT professional for the Canadian Pacific Railway (CPR), a transcontinental railroad based in Alberta, Canada.
Things went sideways in December 2015 when CPR suspended Grupe for 12 days for yelling and using inadequate language with his boss.
When the man returned to work following his suspension on December 15, management told Grupe they were going to fire him for insubordination.
According to court documents obtained by Bleeping Computer, Grupe asked management to resign, effective immediately. He promised to come back the following days and return company property such as his laptop, remote access device, and access badges.
He did return the items, as promised, but not before taking the laptop for a last spin inside CPR's network. Court documents show Grupe accessed the company's switches and removed admin accounts, changed passwords for other admin accounts, and deleted log files.
When done, Grupe wiped his laptop and returned it to CPR's Minnesota office on December 17, two days after he resigned.
It was only on January 6, 2016, that CPR staff discovered the damage Grupe caused. CPR employees were able to regain access to the devices the next day by rebooting the switches, but this caused an outage for their company.
To CPR's luck, the switches' memory still contained evidence of Grupe's intrusion. The company then called in an outside firm to help with the investigation and later notified authorities. CPR estimated the damage Grupe caused at around $30,000.
US authorities charged Grupe on April 11 this year, and he was found guilty earlier this week. The court has not yet scheduled a sentencing date.
Grupe spent 28 years in the military before joining CPR and is an Iraq war veteran.