College Says Former Admin Demanded $200,000 To Reset School Password

[Megalith]

The American College of Education forced its IT staff to either relocate or resign last year, and one disgruntled employee responded by changing the login and password information for a Google account, which effectively prevented any students from accessing their work. When school officials called the ex-employee up, his attorney told them his client wanted a reference letter and a small payment to clear things up.

Indianapolis-based American College of Education fired its information technology employee last year, according to court documents, but not before an administrative password was changed. The online college then asked the man to unlock the Google account that stored email and course material for 2,000 students, according to a lawsuit filed by the college. The man said he'd be willing to help — if the college paid him $200,000. Welcome to the new frontier of tech concerns in a business world that has come to depend on the cloud.

 

[endalykt]

Never fuck with your sysadmin.

 

[Shotglass01]

*SMACK* I'm asking for a raise, this afternoon!

 

[Monkey God]

Dont forget the most important part:

"Williams, meanwhile, filed a lawsuit of his own in the U.S. District Court in Chicago, claiming the college bullied him and discriminated against him and other black employees."

 

[[Spectre]]

This may not end the way he wants it to end..........

 

[Twisted Kidney]

This may not end the way he wants it to end..........

Yeah, he's about to own a lot less stuff if he doesn't start behaving.

 

[TwiceOver]

That kind of sounds like extortion to me. Wonder if his lawyer knows what that term means...

Looks like it is all said and done though with the admin owing the school around $250k

Oops.

 

[Deleted member 94167]

Google apparently unlocked the account for them. Sounds like they were using complex passwords and saving them in the browser. Yikes.....

 

[jkerr44906]

He failed to appear! That was stupid. That's something you have to show up for no matter what. If he new that he was being fired and he changed the passwords. That's something that you can get prosecuted for. If the school forgot the passwords then to bad for them. A little hard to prove if you don't show up for your court hearings.

 

[Dead Parrot]

Could end badly for the lawyer as well. Helping your client engage in new or on going criminal activities(blackmail/extortion) tends to be frowned upon by most Bar Associations(disbarment) and legal systems(imprisonment.)

 

[raz-0]

As someone who deals with google apps for education and higher ed, there is just as much argument to be made for this outcome being the result of their "school" being run like shit and not extorsion.

1)So first up, you don't go all google apps for education and running your online school through google without having singed contracts with google with a whole bunch of people's names on things. These people can get significant assistance from google in sorting out issues like these in fairly short order providing some basic proof that you are who you say you are.

2) Look, you fire me, I don't owe you any more work. Period. You ask me for the password before you fire me, sure. You be a dick about firing me and then go.. oh wait.. we utterly failed to do our job and get our ducks in a row, so it's your fault of course.

3) They want him to do more work, he's free to set his rate. That rate can be entirely absurd and intended solely as a big fuck you to the company you do not want to work for. Because you don't HAVE to work for a company.

4) Extortion requires a threat or damaging action. You will note as soon as the fucktards running the school actually dug up their contract and gave google what they asked for, google unlocked all their shit. Having to get off your ass to do a basic task that takes an afternoon of your time or two because you fucked up is not rising to the level of great harm. Even if your lawyers had to operate the google phone tree for you, you are still in low five figures for sorting this out.

The only reason this is a thing is because the sysadmin didn't show to court. It would be interesting to see what the judge commented on in regards to the default judgement. It is entirely possible the judge thought the claim was stupid but not entirely meritless and thus deserving of a day in court.

 

[nutzo]

I worked for a company many years ago, and left due to a disagreement with the VP. The VP was an idiot who didn't like the people I was doing some side work for. Work that had no connection to my current job. I was an IT/support person, and I was doing some side work in system design and programming.

I was the internal IT person, and also provided most the support to the hardware techs in the field.

About 2 months later I get a call from lower level manager wanting to pay me to fix a internal network problem (it had been down for a couple days and nobody had been able to fix it.). Told him I wouldn't touch any company systems, since I didn't trust the VP. It wasn't worth the risk of getting blamed for any problems.
Funny part is that I still had dial-in access to the network months later, and could have dialed in and wiped every system on the network if I had wanted to.

About a year after I left the filed bankruptcy and later sold the company to a competitor.

 

[Jagger100]

As someone who deals with google apps for education and higher ed, there is just as much argument to be made for this outcome being the result of their "school" being run like shit and not extorsion.

1)So first up, you don't go all google apps for education and running your online school through google without having singed contracts with google with a whole bunch of people's names on things. These people can get significant assistance from google in sorting out issues like these in fairly short order providing some basic proof that you are who you say you are.

2) Look, you fire me, I don't owe you any more work. Period. You ask me for the password before you fire me, sure. You be a dick about firing me and then go.. oh wait.. we utterly failed to do our job and get our ducks in a row, so it's your fault of course.

3) They want him to do more work, he's free to set his rate. That rate can be entirely absurd and intended solely as a big fuck you to the company you do not want to work for. Because you don't HAVE to work for a company.

4) Extortion requires a threat or damaging action. You will note as soon as the fucktards running the school actually dug up their contract and gave google what they asked for, google unlocked all their shit. Having to get off your ass to do a basic task that takes an afternoon of your time or two because you fucked up is not rising to the level of great harm. Even if your lawyers had to operate the google phone tree for you, you are still in low five figures for sorting this out.

The only reason this is a thing is because the sysadmin didn't show to court. It would be interesting to see what the judge commented on in regards to the default judgement. It is entirely possible the judge thought the claim was stupid but not entirely meritless and thus deserving of a day in court.

Depends if there was a password document/surrender policy. The school shouldn't have needed to go to him unless he pulled a dick change on his way out. If they screwed up, he doesn't owe them anything but it is petty, though. If he didn't deliberately change the password and leave, they're making it sound like he did and he should sue based on that.

 

[Krazy925]

Depends if there was a password document/surrender policy. The school shouldn't have needed to go to him unless he pulled a dick change on his way out. If they screwed up, he doesn't owe them anything but it is petty, though. If he didn't deliberately change the password and leave, they're making it sound like he did and he should sue based on that.

Isn't the password his to change until his last day of employment?

If I change my password today and my boss fired me tomorrow would it be my responsibility to provide the new password(she would be effectively locked out of my sales emails).

Also is anyone else wondering how long this has been going on for? I didn't see that ITFA.

Now if he changed it after he was fired, he's screwed. One of my old regionals just got caught doing that was a newly poached employee. His head rolled but she survived.

 

[Deleted member 93354]

2) Look, you fire me, I don't owe you any more work. Period. You ask me for the password before you fire me, sure. You be a dick about firing me and then go.. oh wait.. we utterly failed to do our job and get our ducks in a row, so it's your fault of course.

3) They want him to do more work, he's free to set his rate. That rate can be entirely absurd and intended solely as a big fuck you to the company you do not want to work for. Because you don't HAVE to work for a company.

Changing the companies education password, knowing in a few days the company would need it I think as intentionally damaging to the company. This is especially true when the owners were not notified of new said password to allow them to continue their work. Intentionally interfering with a businesses operations qualifies as sabotage. Asking them money to restore what should have been clearly communicated (the new password) could be looked at as extortion.

Whenever I left my old jobs, I gave a blanket 1 year guarantee on my work and knowledge of how certain processes worked, provided it did not invoke new features. As all my work typically passed through QA this has never become an issue. It's called "professional integrity, and pride in your work."

 

[Pringle]

Dont forget the most important part:

"Williams, meanwhile, filed a lawsuit of his own in the U.S. District Court in Chicago, claiming the college bullied him and discriminated against him and other black employees."

And there's the reason for the $200K. ffs

 

[Babbster]

Whenever I left my old jobs, I gave a blanket 1 year guarantee on my work and knowledge of how certain processes worked, provided it did not invoke new features. As all my work typically passed through QA this has never become an issue. It's called "professional integrity, and pride in your work."

That's a great guarantee. And it still applies when you're fired and you believe that it was the result of managerial incompetence and perhaps even discrimination? If so, that would actually indicate a lack of pride unless you not only immediately found a new job but a better one and helped your former asshole employers out of pity.

Of course, an IT professional who takes pride in their work wouldn't even know any still-active passwords once they've left their job because such a professional would have made sure there was a system in place to immediately deactivate any former employee's access*.

*Meaning both that your "professional integrity" should be irrelevant to this situation and that the ex-employee in this case would be in the wrong if he did still have active credentials on his former employer's system(s).

 

[CrazyRob]

According to a different article, it sounds more like the school really messed up, and targeted him to blame to save face. https://www.theregister.co.uk/2017/01/18/school_fires_sues_it_admin/

"The school appealed to Google, but Google at the time refused to help because the ACE administrator account had been linked to William's personal email address."

"Frederick's letter claims that another employee set up the Google account and made Williams an administrator, but not the controlling administrator. It says the school locked itself out of the admin account through too many failed password attempts."

If all that is true, it sounds like they had much bigger internal administrative problems.

 

[Deleted member 93354]

That's a great guarantee. And it still applies when you're fired and you believe that it was the result of managerial incompetence and perhaps even discrimination? If so, that would actually indicate a lack of pride unless you not only immediately found a new job but a better one and helped your former asshole employers out of pity.

Of course, an IT professional who takes pride in their work wouldn't even know any still-active passwords once they've left their job because such a professional would have made sure there was a system in place to immediately deactivate any former employee's access*.

*Meaning both that your "professional integrity" should be irrelevant to this situation and that the ex-employee in this case would be in the wrong if he did still have active credentials on his former employer's system(s).

Somebody else who likes sticking it "to the man"

I had a jerk of an ex-boss. In fact, he was demoted for being a jerk after I left. He was the reason I left my last job. I wrote extensive documentation those last couple weeks...after all I was the only programmer who wrote a system that offloaded calculations onto the GPU.

But when he wrote ~six months later because the new programmers didn't have a clue how the new algorithm worked, I took 30 minutes to write down additional notes in an email including recommended reading, that wasn't in my documentation when I left the job.

Why make everyone suffer because your one boss was a jerk?

Part of your job is in the joy of creating. Yes it's a lot of drudgery, reverse engineering, bug fixes, re-education, "Why would they want to do that?", and impossible deadlines. But you are creating something. Why would you not take pride in it?

 

[klank]

The way I read it the school fucked up on multiple occasions. Then they bullied and discriminated against him.

 

[Babbster]

Somebody else who likes sticking it "to the man"

I had a jerk of an ex-boss. In fact, he was demoted for being a jerk after I left. He was the reason I left my last job. I wrote extensive documentation those last couple weeks...after all I was the only programmer who wrote a system that offloaded calculations onto the GPU.

But when he wrote ~six months later because the new programmers didn't have a clue how the new algorithm worked, I took 30 minutes to write down additional notes in an email including recommended reading, that wasn't in my documentation when I left the job.

Why make everyone suffer because your one boss was a jerk?

Part of your job is in the joy of creating. Yes it's a lot of drudgery, reverse engineering, bug fixes, re-education, "Why would they want to do that?", and impossible deadlines. But you are creating something. Why would you not take pride in it?

It's not about making people suffer. It's about being unjustly fired (or believing that you were), and you've once again offered an example where you "left" your job, implying that it was your choice.

Yeah, everyone has had jerk bosses but still liked their work and then moved on to another job with minimal acrimony. That's great. My grandfather retired from his job and went back for a 6-month stint when his employer realized that they needed to pass on specific expertise that he possessed. But you know what they did when they asked him for help? They paid him. In fact, they paid him a premium to get what they needed from him (higher salary plus an extra 2 years' credit towards his pension). He had professional pride and even liked the people for whom he worked but he wasn't giving it away for free.

 

[PaulP]

When you leave a job you are required to turn in all physical keys and digital key cards on your last day. This is obvious. The same is true of passwords, especially admin level which can't be overridden by a higher level account. I don't accept the argument that "They didn't ask me if I had changed the password recently". Neither would a Judge. He had an obligation to divulge the admin password on the way out, regardless of the circumstances of his departure.

 

[bal3wolf]

something tells me this is not going to go well for college or the ex admin.

 

[Deleted member 93354]

It's not about making people suffer. It's about being unjustly fired (or believing that you were), and you've once again offered an example where you "left" your job, implying that it was your choice.

Yeah, everyone has had jerk bosses but still liked their work and then moved on to another job with minimal acrimony. That's great. My grandfather retired from his job and went back for a 6-month stint when his employer realized that they needed to pass on specific expertise that he possessed. But you know what they did when they asked him for help? They paid him. In fact, they paid him a premium to get what they needed from him (higher salary plus an extra 2 years' credit towards his pension). He had professional pride and even liked the people for whom he worked but he wasn't giving it away for free.

There's a difference between a six month stint invoking new features, versus helping with work that you were already paid to do that takes a couple minutes of time.

And if you were unjustly fired, let the courts/lawyers handle that.

Its like if you got a divorce because your ex cheated on you. You can't go and bash up her stuff because she did you wrong. Any court would frown on that.

 

[Babbster]

Its like if you got a divorce because your ex cheated on you. You can't go and bash up her stuff because she did you wrong. Any court would frown on that.

So now you're equating not helping with vandalism? Let's try it with at least a touch of realism:

It's like if you got a divorce because your ex cheated on you. You wouldn't be expected to go back to fix her toilet because she doesn't want to spend the money on a plumber.

Now that is fucking apt.

ETA: And just to be clear, again, I'm not defending the subject of the OP - if he took steps on the way out the door to screw over his employers, he's a jerk, no matter how they treated him. But this idea of continuing loyalty to companies that fire you, especially without compensation, is crazy talk, at least in the USA where employers can fire pretty much any non-union employee for anything apart from specifically protected civil rights situations.

 

[klank]

When you leave a job you are required to turn in all physical keys and digital key cards on your last day. This is obvious. The same is true of passwords, especially admin level which can't be overridden by a higher level account. I don't accept the argument that "They didn't ask me if I had changed the password recently". Neither would a Judge. He had an obligation to divulge the admin password on the way out, regardless of the circumstances of his departure.

Did you miss the part about how he returned the laptop that had the password save on it?

 

[Axiomatic]

I'm surprised this doesn't happen more. How many of you have been given an unrealistic timeline to fix some IT shit from a clueless upper manager that does not know how much time it takes to deploy the widget? I usually reply with honesty and tell them that is impossible and deal with the fallout right there. YMMV.

 

[Chupachup]

I'm surprised this doesn't happen more. How many of you have been given an unrealistic timeline to fix some IT shit from a clueless upper manager that does not know how much time it takes to deploy the widget? I usually reply with honesty and tell them that is impossible and deal with the fallout right there. YMMV.

A similar incident came up when I was part of a massive downsizing a few years ago. Two weeks after I turned in my laptop and cell phone, my former manager contacted me for information about her business unit's client/vendor order and billing procedures, their meeting requirements, basically everything I had done ..oh.. and she wanted me to spend a week (or two) training two people via Skype. I told her my processes were all well documented and posted to the her groups workplace online as they had been used to train two other employees (insert sarcasm) who were let go months before I was. She was adamant that I do the training and made nuanced threats about a lack of aid leading to my severance and pension being put at risk.

I already had confirmation from corporate with regards to my severance package, so I told her I would gladly do the training at a rate of $300/hr for a standard eight hour day and a locked in two week window- even if the people felt comfortable after a few days. She choked and asked me to justify my pricing.

I let her know in a pleasant tone that I didn't owe her any justification in the same way she didn't give me one when she blankly read from a prepared script telling me that I was part of the next round of cuts and ordering me to turn in my equipment. As I was doing that, I texted her the links to the group's documents page and told her if the people she wanted trained couldn't understand what was in those documents they wouldn't qualify for my training and shouldn't be working for her.

She never seemed to get that I had been averaging 65-70 hours a week to keep up with just the "normal" global workflow and change management for the business unit before I was cut. It was going to have to be more than worth my while to return and do a month's work in one or two weeks while at the same time training my replacements to save her butt. She told me I was being unreasonable, to which, I told her it was now not my prerogative to share in her reasoning when it came to the business

Several days later she countered and offered me a consulting fee and lunch to visit and simply sit and talk with her about the parts of the units business she had left to for me to manage. So, I had a three and a half day discussion/lecture highlighting the requirements necessary for specific client and vendor interaction, gathering of data and preparing the various reports and specific billing. Translation- I read directly from the documentation and elaborated on questions she had.

It was a small victory, as every month that went by, I heard through the grapevine that she consistently missed metrics and billing and had a very unhappy customer and upper management to report to. On one hand, I felt bad because she is a friend. On the other, karma

 

[Jagger100]

Isn't the password his to change until his last day of employment?

If I change my password today and my boss fired me tomorrow would it be my responsibility to provide the new password(she would be effectively locked out of my sales emails).

Also is anyone else wondering how long this has been going on for? I didn't see that ITFA.

Now if he changed it after he was fired, he's screwed. One of my old regionals just got caught doing that was a newly poached employee. His head rolled but she survived.

The password belongs to the job, not the employee. Also, opportunity is not permission. There likely is an account/password surrender policy, probably in the fine print of his job agreement. Normally punishment would be termination so its hard to say if any civil action would be easy. I guess legally it depends if he took steps to circumvent the policy, changing it after already surrendering it when he was given notice or failing to update some kind of record, or if they didn't do their due diligence. Either way they would be in their full right to give a negative job referral. I'd never hire you. Even if they had no policy and did this, I wouldn't hire him.

 

[serious]

He should have told them the password after it was locked and show up in court. At the very least, just show up in court.

 

[DocSavage]

Changing the companies education password, knowing in a few days the company would need it I think as intentionally damaging to the company. This is especially true when the owners were not notified of new said password to allow them to continue their work. Intentionally interfering with a businesses operations qualifies as sabotage. Asking them money to restore what should have been clearly communicated (the new password) could be looked at as extortion.

Whenever I left my old jobs, I gave a blanket 1 year guarantee on my work and knowledge of how certain processes worked, provided it did not invoke new features. As all my work typically passed through QA this has never become an issue. It's called "professional integrity, and pride in your work."

If he is setup as the only superadmin, then the "companies education password" is just your own work email password. I wouldn't give my own password out either. I'd reset it and tell them whatever random string I set it to though. You could also just setup a secondary superadmin account with its own password and give that out to someone VIP and trustworthy enough not to fubar everything.

 

[klank]

He should have told them the password after it was locked and show up in court. At the very least, just show up in court.

Why? He left the current password on the laptop that was returned to the school. Why show up for court when he already gave them the password on the laptop? He no longer had an obligation to the school as he was no longer an employee. Furthermore, the lawsuit was filed in Indiana, the guy lives in Chicago and has the responsibility of caring for this children. So he is just expected to leave at a whim for the school's silliness?

If anything the school messed up and did not have the accounts setup correctly and/or a process to secure the accounts.