US IT pro gets prison time for sabotaging ex-employer's system

Ricky Joe Mitchell must also pay more than $500,000 in restitution and fines

A former network engineer for oil and gas company EnerVest has been sentenced to four years in federal prison after pleading guilty in January to sabotaging the company's systems badly enough to disrupt its business operations for a month.

Ricky Joe Mitchell of Charleston, West Virginia, must also pay US$428,000 in restitution and a $100,000 fine, according to an announcement this week from U.S. Attorney Booth Goodwin's office.

In June 2012, Mitchell found out he was going to be fired from EnerVest and in response he decided to reset the company's servers to their original factory settings. He also disabled cooling equipment for EnerVest's systems and disabled a data-replication process.

Mitchell's actions left EnerVest unable to "fully communicate or conduct business operations" for about 30 days, according to Booth's office. The company also had to spend hundreds of thousands of dollars on data-recovery efforts, and part of the information could not be retrieved.

"Imagine having your company's computer network knocked out for a month," Goodwin said in a statement. "In this day and age, that kind of attack is devastating."

Mitchell's actions cost EnerVest well over $1 million, according to the indictment against him.

Mitchell had faced up to 10 years in prison as well as three years of supervised release, but could serve less than the four years thanks to federal guidelines providing up to 54 days off per year for good behavior.

He's not the only IT professional in recent memory to take revenge on an employer, although Mitchell's actions caused more economic damage than others.

In 2009, a former IT staffer at Baltimore Substance Abuse Systems hacked into a PowerPoint presentation the CEO was giving to a group of city officials, causing porn to suddenly appear on a large screen.

Walter Powell received a two-year suspended sentence and was ordered to perform 100 hours of community service as punishment for the stunt.

Chris Kanaracus covers enterprise software and general technology breaking news for The IDG News Service. Chris' email address is

Join the CSO newsletter!

Error: Please check your email address.

Tags CriminalservicessecuritylegalsoftwareIT managementEnerVestcybercrime

More about BaltimoreIDGWest

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Chris Kanaracus

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts