🐿️
17

Caught my intern forwarding sensitive logs to his personal Gmail last Thursday

I was reviewing the SIEM alerts and saw a weird outbound connection from our log server. Tracked it back to a kid I hired three months ago who was just emailing himself whole event files. Said he wanted to 'practice parsing them at home' but never asked permission. Anyone else deal with new guys thinking they can just take data offsite without a word?
2 comments

Log in to join the discussion

Log In
2 Comments
noah_palmer42
Wait until he puts it on GitHub to show off... @leor37 is missing the bigger compliance nightmare here.
6
leor37
leor3715h ago
I mean, sounds annoying but is it really that big of a deal?
4