Companies are being warned once again about the potential threat posed by past employees who may turn rogue. Andrew Mahn, a 28-year-old from Derry, New Hampshire, recently pleaded guilty to illegally hacking the network of his former employer, telecoms firm Motorola. Mahn tricked current staff into handing over their login credentials by sending phishing emails. He targeted a total of 31 current Motorola employees, convincing them to click on a link and enter their username and password, thereby sharing their login credentials with him. Mahn also sent SMS text messages to at least one employee, pretending to be from the company’s multi-factor authentication service. With unauthorized access to Motorola’s network, Mahn was able to modify his victim’s account so that future authentication codes would be sent directly to phone numbers controlled by him. He also stole code and a software tool from Motorola’s network, after breaking into their Bitbucket repository. Mahn was arrested and charged with offenses related to the hack. However, while on conditional release, he applied for a passport using a false name and date of birth, but a genuine photograph of himself, leading authorities to believe he was attempting to abscond overseas before his trial. Mahn is scheduled to be sentenced in March 2024, and he could face up to 20 years in prison for wire fraud and up to 10 years for passport fraud.
1. Andrew Mahn, a former employee of Motorola, pleaded guilty to illegally hacking the company’s network.
2. Mahn tricked current staff into sharing their login credentials through phishing emails and SMS text messages.
3. With unauthorized access to Motorola’s network, Mahn modified his victims’ accounts to control their authentication codes.
4. Mahn also stole code and a software tool from Motorola’s network.
5. He applied for a passport using false information, suggesting he was planning to flee the country before his trial.