An Ohio IT contractor has pleaded guilty to breaking into his former employer’s systems and causing nearly $1 million worth of damage after being fired.
Maxwell Schultz, 35, impersonated another contractor to gain access to the company’s network after his credentials were revoked.
Announcing the news, US attorney Nicholas J. Ganjei did not specify the company in question, which is typical in these malicious insider cases, although local media reported it to be Houston-based Waste Management. The Register contacted Waste Management for clarity, but it did not respond.
The attack took place on May 14, 2021, and saw Schultz use the credentials to reset approximately 2,500 passwords at the affected organization.
This meant thousands of employees and contractors across the US were unable to access the company network.
Schultz admitted to running a PowerShell script to reset the passwords, searching for ways to delete system logs to cover his tracks – in some cases succeeding – and clearing PowerShell window events, according to the Department of Justice.
Prosecutors said the attack caused more than $862,000 worth of damage related to employee downtime, a disrupted customer service function, and costs related to the remediation of the intrusion.
Schultz is set to be sentenced on Jan 30, 2026, and faces up to ten years in prison and a potential maximum fine of $250,000.
If it was Waste Management, the largest US garbage company is not alone in its woes. Malicious insiders sabotaging IT systems is a common tale, and one that continues to be told in 2025.
Be it Coinbase or FinWise in the US, the spate of rogue North Korean IT workers targeting Western organizations, local authorities, or even GCHQ in the UK, insider threats continue to wreak havoc across all types of organizations, and that’s just in 2025.
In previous years, we’ve covered stories about COOs hacking hospitals to drum up business, a former IT admin locking Canadian Pacific Railway out of its network switches, a senior dev activating a kill switch, and a security analyst attempting to redirect ransom payments to his own pocket. ®