An employee has pleaded guilty to hacking into his former employer’s network and causing nearly $1 million in damages after being fired.
According to the indictment, 35-year-old Maxwell Schultz, who had lost access to company systems, posed as another contractor and reinfiltrated the company network. The Justice Department documents do not name the organization, which is typical in malicious cases.
Local media, citing sources, reported that the organization could be Houston-based Waste Management , but the company itself did not respond to reporters’ requests.
The attack occurred on May 14, 2021. Using stolen credentials, Schultz ran a PowerShell script and reset approximately 2,500 passwords at the affected organization . As a result, thousands of employees and contractors across the United States temporarily lost access to the corporate network.
The indictment states that Schultz not only mass-reset passwords, but also attempted to delete system logs to conceal his logins. In some cases, he even managed to erase logs of his actions and clear the PowerShell event log.
The indictment estimates that the attack caused over $862,000 in damages. This figure includes employee downtime, customer service interruptions, and the costs of investigating the incident and restoring the infrastructure.
Schultz is scheduled for sentencing on January 30, 2026. He faces up to ten years in prison and a fine of up to $250,000.
This still-unnamed company isn’t the only one facing similar problems. Stories of malicious actors seeking revenge on employers or profiting from hacking internal systems continue to surface regularly in 2025.
In the United States, these include incidents involving Coinbase and FinWise, as well as cases of North Korean IT workers employing Western companies under false identities. In various countries, businesses, local governments, and even intelligence agencies such as the British intelligence agency GCHQ have been attacked.
Previous reports have included a senior executive who hacked a hospital system for his own business interests, a former administrator who blocked his employer’s access to networking equipment , a senior developer who activated a kill switch in a product, and a security analyst who attempted to redirect ransom payments to his own account.
All of this underscores that insider threats remain one of the most pressing and unpredictable challenges for any organization.
Follow us on Google News to receive daily updates on cybersecurity. Contact us if you would like to report news, insights or content for publication.
