Tuesday, May 13, 2025
HomeCloudCloud Engineer Sentenced for Deleting Ex-employer’s Code Repos & Logs

Cloud Engineer Sentenced for Deleting Ex-employer’s Code Repos & Logs

Published on

SIEM as a Service

Follow Us on Google News

San Francisco resident Miklos Daniel Brody, 38, took revenge on his former employer, a bank, by hacking valuable computer code and damaging the bank’s cloud system. And the Cloud Engineer Sentenced.

After stealing information from and purposefully damaging a protected computer, he was sentenced to 24 months in prison for breaking the Computer Fraud and Abuse Act. He was also found guilty of making false statements to a government agency.

Brody worked as a cloud engineer for a San Francisco-based First Republic Bank (FRB) until March 11, 2020, when he was fired for breaking corporate policy.

- Advertisement - Google News

Brody Accessed the FRB’s Bank Computer Network

In the superseding indictment, it is claimed that Brody accessed the FRB’s computer network without permission and caused significant damage later that evening and early the next morning using his company-issued laptop, which he failed to return after being fired.

That evening, after breaking into FRB’s computer system, BRODY started executing scripts to delete code and harm the software infrastructure.

After using the VPN to get access to the FRB computer system, BRODY established a connection to the “Jumpbox,” the secured host server. 

The complaint claims that it allowed him to access the code repositories on “Devbox” and “Github.” Utilizing the “grand.sh” script concealed under a network information folder, he terminated nearly every instance within Amazon Web Services (AWS).

Additionally, he sent himself a proprietary bank code that he had worked on while employed; the code was worth more than $5,000. 

The DOJ claims that BRODY deleted the bank’s code repositories, erased logs containing malicious scripts, left taunts for former colleagues in the bank’s code, and initiated sessions under the identities of other bank workers.

Judge Orrick calculated the overall cost of the system damage to the bank to be at least $220,621.22 during the sentencing hearing.

The superseding indictment also claims that Brody committed several evasive and dishonest acts in the days and weeks that followed his termination, such as submitting a police report in which he lied to the San Francisco Police Department that his company-issued laptop had been stolen from his car while he was exercising at the gym.

Brody doubled down on that false allegation in statements he made to USSS agents during an interview following his arrest in March 2021.

Brody acknowledged making a false claim regarding the company-issued laptop in his guilty plea application, and he acknowledged that he was aware of the dishonesty of the claim at the time.

The Sentencing

Miklos Daniel Brody was given a 24-month prison term today for both hacking into a network and lying to a government organization.

Judge Orrick not only sentenced Brody to jail but also mandated that he pay $529,266.37 in restitution and serve three years of supervised release following his prison term.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Apple Releases Security Patches to Fix Critical Data Exposure Flaws

Apple released critical security updates for macOS Sequoia 15.5 on May 12, 2025, addressing...

Lumma Stealer Upgraded with PowerShell Tools and Advanced Evasion Techniques

Sophos Managed Detection and Response (MDR) in September 2024, the notorious Lumma Stealer malware...

New Noodlophile Malware Spreads Through Fake AI Video Generation Platforms

Cybercriminals have unleashed a new malware campaign using fake AI video generation platforms as...

Kimsuky Hacker Group Deploys New Phishing Techniques and Malware Campaigns

The North Korean state-sponsored Advanced Persistent Threat (APT) group Kimsuky, also known as “Black...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Apple Releases Security Patches to Fix Critical Data Exposure Flaws

Apple released critical security updates for macOS Sequoia 15.5 on May 12, 2025, addressing...

Lumma Stealer Upgraded with PowerShell Tools and Advanced Evasion Techniques

Sophos Managed Detection and Response (MDR) in September 2024, the notorious Lumma Stealer malware...

New Noodlophile Malware Spreads Through Fake AI Video Generation Platforms

Cybercriminals have unleashed a new malware campaign using fake AI video generation platforms as...