Manhattan’s district attorney has slapped Gucci hacker Sam Chihlung Yin with up to six years in state prison for hacking the corporate network of Gucci American, Inc. In a press release from the office of Cyrus R. Vance, Jr., the D.A. noted that Mr. Yin pleaded guilty in mid-July to one felony count of computer tampering in the first degree and 10 felony counts of “criminal possession of computer related material.”
Mr. Vance’s announcement regarding Mr. Yin’s sentence included a quote from the D.A. that could be read as a none-too-veiled warning to anyone else tempted to follow the former Gucci network engineer’s example:
Today, a computer hacker is going to state prison for attacking the network of his former employer, which is one of the more than 900 fashion companies based here in New York. As we have seen in many cybercrime cases, these so-called ‘insiders’ at companies have the ability to harm their employers, co-workers, and the company’s clients, customers, and even products. This is but one example in the fight against cybercrime and our ongoing efforts to repel attacks and protect electronic systems.
Sam Yin was apparently the worst kind of disgruntled ex-employee. After he was fired from his job at Gucci he accessed a secret account he’d created while working there and began wreaking havoc on the fashion retailer’s systems, shutting off off servers and in some cases deleting data. Mr. Yin then doubled down on his shenanigans by using a fake identity to somehow socially hack his way into the network and gain near total control via knowledge of administrator passwords. Mr. Yin ultimately deleted the company’s email accounts, which the D.A. stated “cost Gucci hundreds of thousands of dollars in diminished productivity, restoration and remediation measures, and other expenses.”
Sam Yin turns 36 tomorrow. With any luck could be out of prison before he turns 39. We suspect he’ll have a hell of a time finding a new I.T. job once he’s released.