A former IT administrator has been sentenced to more than two years in prison for accessing his employer's computers without authorization and deleting company files.
The US Attorney's Office for the Central District of California today said Nikishna Polequaptewa, 37, of Avondale, Arizona, has been sentenced to 27 months in prison and ordered to pay $53,305 to his former employer, Arizona-based Blue Stone Strategy Group.
In 2014, Polequaptewa, then based in Irvine, California, began working as a senior strategist handling information technology and marketing for Blue Stone, which provides services to Native American tribal communities.
According to the federal indictment [PDF], Blue Stone stored its work-related data on an in-office Mac Pro computer and an in-office Synology server in Irvine, and on cloud services run by Google, Bluehost, MailChimp, and Cox Communications.
A court filing [PDF] in a parallel civil case that Blue Stone filed against Polequaptewa says that the CEO of Blue Stone and others met Polequaptewa in November 2014, and it was decided that the company would move its IT, web design, and marketing to external vendors. Although Polequaptewa was not strictly laid off amid this outsourcing, he was stripped of his information technology responsibilities.
"During the meeting with Polequaptewa, Blue Stone executives asked that Polequaptewa 'turn over' all of the data needed to hand the IT, web design and marketing over to the third party external companies," the civil filing says. "During this meeting Polequaptewa was less than helpful and obstructed Blue Stone's attempts to transfer management of its IT infrastructure to the third party external companies."
In mid-November 2014, Polequaptewa traveled to Fort Lauderdale in Florida for a client meeting at which he abruptly resigned, to the surprise of company executives.
"Shortly after Polequaptewa announced his resignation, Blue Stone employees began to notice that the data, emails and computer files were being deleted/transferred from Blue Stone's databases, servers and email accounts," the civil filing explains.
The criminal indictment says that on November 18, 2014, Polequaptewa deleted various files on the Blue Stone server in Irvine and on the company's various cloud services and issued a wipe command to the Irvine office Mac Pro using his iPhone's Find My iPhone app. The following day, when the Mac Pro was turned on, it erased itself.
"While on that project and angry that he had been stripped of his other job duties, Polequaptewa retaliated against Blue Stone by deleting the website and marketing materials that the company had developed over eight years," the US Attorney's Office said in its statement.
Blue Stone contacted local law enforcement in Fort Lauderdale. When officers arrived and interviewed Polequaptewa in his hotel room, he admitted accessing the company's infrastructure, according to Blue Stone's civil filing.
The evidence list includes a variety of digital records that support Polequaptewa's involvement in the data destruction, including "Apple Record Showing Defendant’s Initiation of Wipe Commands."
The company says it spent about 10 hours restoring as much data as possible, at a cost of about $50,000.
According to a 2015 report in the Orange County Weekly, Polequaptewa claimed he quit after filing whistleblower complaints against Blue Stone for alleged improper payments to Indian gaming officials, tribal leaders and a New Mexico politician. ®
Sponsored: Webcast: Simplify data protection on AWS