What legal steps can we take if a previous employee is now accessing mail boxes on our server? We can trace unauthorized access back to the IP address of the graduate school this person now attends. Our logs show all the activity that was done. We have already asked all current employees to change their passwords. This change has locked this person out of the e-mail boxes for the time being. What additional steps should we take? Do...
we have legal grounds to sue? Should we call the police?
I am not a lawyer, so if you need real legal advice, you should find an attorney that specializes in data security. If you are looking to press charges, contact the FBI, as they are responsible for this type of crime, assuming the access crosses state lines. (This last bit of advice also assumes you are in the United States.)
Having said all of that, if you are simply trying to stop this individual, and you have all the records that you say you have, try contacting the IT security department of the university the attacks are coming from. I'm sure the university would be interested in a student that is violating the university's terms of service by using their resources to attack your systems. If not, mention to them that you plan to report this activity to the authorities and/or pursue civil litigation against the university. The threat is often enough for them to take action.
In the mean time, I would suggest blocking all access from the IP block associated with that university.
Dig Deeper on Security Resources
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.