The information security consultant decided to play ransomware, but the rules of the game worked against him.
A former cybersecurity consultant has been arrested for attempting to extort $1.5 million from a well-known IT company in exchange for non-disclosure of confidential information.
57-year-old Vincent Kannady, through a recruitment agency, was brought in to assess and fix vulnerabilities in an international IT company with an office in New York. On June 23, 2023, Kannadi was fired due to poor performance, which caused Kannadi to use a company laptop to download proprietary company information, including architectural maps and lists of potential vulnerabilities, to his personal cloud storage.
Kannadi threatened to reveal the stolen information if the company did not pay him $1.5 million. as compensation for "discrimination in the workplace". After launching an investigation into the data theft, Kannady stepped up his demands, blocked the HR company's access to the laptop, and began a lengthy process of extortion, including threats of legal liability for emotional harm and other claims.
The defendant also tried to attract media attention by hinting at the public disclosure of stolen information or its disclosure through lawsuits and complaints to regulatory authorities, which could damage the company's reputation and investor confidence.
Kannadi demanded that the company settle claims of discrimination and emotional harm, and also demanded that clauses be included in the contract prohibiting the company from prosecuting him under the criminal article. He indicated that "he will immediately publish all the documents as soon as the case is initiated."
If convicted, Kannadi faces up to 20 years in prison. The court decision will be made by the Federal District Court for the Southern District of New York.
A former cybersecurity consultant has been arrested for attempting to extort $1.5 million from a well-known IT company in exchange for non-disclosure of confidential information.
57-year-old Vincent Kannady, through a recruitment agency, was brought in to assess and fix vulnerabilities in an international IT company with an office in New York. On June 23, 2023, Kannadi was fired due to poor performance, which caused Kannadi to use a company laptop to download proprietary company information, including architectural maps and lists of potential vulnerabilities, to his personal cloud storage.
Kannadi threatened to reveal the stolen information if the company did not pay him $1.5 million. as compensation for "discrimination in the workplace". After launching an investigation into the data theft, Kannady stepped up his demands, blocked the HR company's access to the laptop, and began a lengthy process of extortion, including threats of legal liability for emotional harm and other claims.
The defendant also tried to attract media attention by hinting at the public disclosure of stolen information or its disclosure through lawsuits and complaints to regulatory authorities, which could damage the company's reputation and investor confidence.
Kannadi demanded that the company settle claims of discrimination and emotional harm, and also demanded that clauses be included in the contract prohibiting the company from prosecuting him under the criminal article. He indicated that "he will immediately publish all the documents as soon as the case is initiated."
If convicted, Kannadi faces up to 20 years in prison. The court decision will be made by the Federal District Court for the Southern District of New York.
