British IT worker jailed for revenge attack on employer that caused a “ripple effect of disruption” for colleagues and customers

Insider threat hacker concept image showing man typing on keyboard in a dimly lit room.

(Image credit: Getty Images)

published 1 July 2025

A disgruntled IT worker has been jailed after costing his employer £200,000 - and its good reputation - by exploiting his privileged network access.

West Yorkshire man Mohammed Umar Taj was suspended from his job in Huddersfield in July 2022, and began taking revenge within hours.

According to West Yorkshire Police, he went back to the company’s premises and accessed its computer systems, altering login credentials to disrupt the firm’s day to day activities.

A day later, he went further, changing access credentials and the company’s multi-factor authentication (MFA) - causing big problems for the firm’s clients both in the UK and overseas in Germany and Bahrain.

However, Taj wasn’t exactly covert, having kept recordings of his activities and discussing the attack on the phone. These calls and recordings were later accessed by West Yorkshire Police’s cyber team and played a vital role in the case.

He has now been sentenced to seven months and 14 days in custody for committing unauthorized acts with intent to impair the operation of or hindering access to a computer.

“Taj set out to get revenge on his employer following his suspension from work. He did so by targeting their IT system, which he had privileged access to. By doing this he created a ripple effect of disruption far beyond the shores of the UK," said detective sergeant Lindsey Brants of West Yorkshire Police’s Cyber Crime Team.

“Protecting your network prevents data loss and costly cyber attacks. It also maintains trust with clients and stakeholders. We urge all businesses to look at their network security.”

Why you should always be wary of insider threats

According to a recent survey of more than 400 IT and cybersecurity professionals by Gurucul, 48% experienced a rise in insider attacks in the previous 12 months, with 51% having six or more attacks in that time.

When it came to the cost of remediation, 32% said it was between $100,000 and $500,000 while 27% put it at anywhere between $500,000 and $1 million.

Companies are starting to take the risk seriously, however. Alternative research from DTEX Systems found that organizations are spending 16.5% of their annual IT security budget on insider risk management – up from 8.2% in 2023.

More than eight-in-ten now have - or are planning to introduce - an insider risk management program. Of those that do, 65% said their program was the only security strategy that enabled them to pre-empt a data breach by detecting insider risk early.

"Insider-driven security incidents result in significant financial and reputational costs," said DTEX Systems CEO Marshall Heilman.

"However, organizations investing in dedicated insider risk management programs are achieving faster containment or preventing incidents entirely — a decisive win in the fight against data loss."

MORE FROM ITPRO

Emma Woollacott is a freelance journalist writing for publications including the BBC, Private Eye, Forbes, Raconteur and specialist technology titles.