A former IT contractor from Ohio has admitted to launching a cyberattack against his employer’s network in retaliation for being terminated, federal prosecutors announced this week.
Maxwell Schultz, 35, of Columbus, Ohio, pleaded guilty to computer fraud charges after leading a technical attack that locked thousands of employees out of their systems nationwide.
On May 14, 2021, Schultz was fired from his contract position in the company’s IT department. Rather than accepting the termination, he chose to strike back digitally.
Shortly after his dismissal, Schultz impersonated another contractor to fraudulently obtain valid login credentials, gaining unauthorized access to the company’s network.
Once inside the system, Schultz executed a PowerShell script designed to cause maximum disruption.
The malicious code reset approximately 2,500 employee passwords simultaneously, effectively locking thousands of workers and contractors out of their computers across multiple locations.
Schultz didn’t stop at password resets. He actively sought methods to delete digital evidence of his unauthorized access, including PowerShell event logs and system logs.
Despite clearing multiple logs, investigators eventually traced the attack back to him. The company suffered significant financial losses exceeding $862,000.
These damages included widespread employee downtime, disrupted customer service operations, and extensive labor costs required to restore standard network functionality.
The ripple effects impacted both internal operations and customer relationships. As part of his guilty plea, Schultz acknowledged that anger over his termination motivated the attack. He now faces serious federal consequences.
U.S. District Judge Lee Rosenthal will sentence Schultz on January 30, 2026. He faces up to 10 years in federal prison and a maximum fine of $250,000.
The FBI led the investigation, with Assistant U.S. Attorneys Rodolfo Ramirez and Michael Chu prosecuting the case.
This case highlights the critical importance of immediately revoking system access for terminated employees, particularly those with administrative privileges.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
