Former Database Administrator Convicted Of Hacking His Old Firm

Ex-employee attacked his old database months after being terminated

Tim Wilson, Editor in Chief, Dark Reading, Contributor

November 20, 2009

2 Min Read

A former database administrator for GEXA Energy has been convicted after pleading guilty to hacking his former employer's database system.

The conviction of Steven Jinwoo Kim, 40, was announced yesterday by U.S. Attorney Tim Johnson, according to a news report by

At a hearing before U.S. District Judge Vanessa Gilmore, Kim admitted to recklessly causing damage to a GEXA Energy protected computer, the report says. GEXA Energy is a retail electric utility provider based in Houston.

On Feb. 5, 2008, GEXA Energy terminated Kim's employment as a database administrator and permanently revoked his access to all GEXA Energy facilities, computer networks, and information technology systems, the report says. Approximately three months later, Kim remotely accessed the GEXA Energy computer network and GEXA Energy Management System (GEMS) database.

While connected to the GEXA Energy computer network, Kim recklessly caused damage by, among other things, issuing various Oracle database commands that created a new data table in the GEMS production database. When copied to the GEMS staging database, that caused the automated script to fail, thus impairing the availability of data.

As a result of Kim's intrusion into its protected computer system, GEXA Energy incurred a loss of at least $100,000 -- the costs associated with troubleshooting, securing, and repairing the GEXA Energy computer network and GEMS database, the report says. Kim was indicted in June 2009.

GEXA customers were not notified of the breach until April 2009. In letters sent to those affected, the utility provider indicated it had been prohibited from telling them of the incident sooner because of the investigation.

Judge Gilmore set Kim's sentencing for March 1. He faces a maximum punishment of five years imprisonment and/or a $250,000 fine. Kim has been permitted to remain on bond pending his sentencing.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.

About the Author(s)

Tim Wilson, Editor in Chief, Dark Reading


Tim Wilson is Editor in Chief and co-founder of Dark, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one of the top cyber security journalists in the US in voting among his peers, conducted by the SANS Institute. In 2011 he was named one of the 50 Most Powerful Voices in Security by SYS-CON Media.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights