System admin steals 20,000 items from work

Over the course of 10 years, [Victor Papagno] stole 19,709 pieces of equipment from the Naval Research Laboratory. He began taking stuff home in 1997 and had so much that he had to store some in a neighbors house. The report says that no secret technological information was taken.  Some items listed were CDs, hard drives, floppy disks, adding up to an estimated value of 1.6 million dollars. He could face up to two years in prison for this. We shudder to think of the total cost of all the post its, CDs, and floppy disks we’ve taken home over the years.

[via NetworkWorld]
[photo: Blude]

32 thoughts on “System admin steals 20,000 items from work

  1. I wonder how they can say no tech secrets were on the media, seems they haven’t had enough time to pore through all those floppies….

  2. I’ve come across floppies with sensitive military info on them before. You’d be surprised what people just throw out on a defunct military base.

  3. @charles p. lamb:

    That’s a good question. You have to understand how government accounting differs from business accounting. In a normal business, equipment depreciates and eventually is taken off the books. That’s not how the government does it. Anything costing more than a certain threshold stays on the inventory list until it’s disposed of. Usually the *only* legitimate way to dispose of such equipment is through a surplus sale. You’re not allowed to throw it out, give it away, etc., no matter how obsolete it is.

  4. Don’t you just love it when at work there are a dozen Atmel-based (now) prototype PCBs with added Ethernet connectivity? Need to find a good use for it and remove the encryption from the bootloader.

  5. I wonder if a box of paperclips or pushpins is one item or 300 items, not that it would not still be hard to get near 20K that way of course.
    As for the value, that’s a bit tricky when it’s software, if he makes a copy of windows he didn’t take the original and also the value would rise since they would count retail value of software probably.
    Still, 20K items, and I’m sure he’s not alone in taking stuff, I hear figures of more than 65% of theft in shops is by employees for instance, must be annoying to be an employer, you might want not to be too overbearing but you can’t trust your personal really.

  6. I think that the value of these items is insanely exaggerated, when you work in that field you acquire a lot of stuff. Example when your boss cleans out the bone yard just throwing stuff away and you are in a state of shock so you have said boss fill up boxes and rather them fill a land fill they go to a guy like this..

  7. Everyone knows a lightbulb costs $10K. All kidding aside, I’m sure they are going off the original cost. The military has warehouses of crap all over the country. It wouldn’t be hard to find pre-dos systems laying around.

  8. If you pay $250K for a report, and it’s on one CD, that CD is worth $250K. Only way I could think of to get the total this high.

  9. it makes me laugh that the navy is actually concerned with this… they are probably one of the most wasteful branches the united states has. “well, this ship is outdated and needs to be put out of commission. what should we do with it sir?”

    “blow it up”

  10. Well you need to remember that floppy discs were worth more back then. Also, I don’t think that picture is really what he took. 7.6 items a day, and he was stealing discs, hard drives, and other equipment. I see how it could be valued at $1.6 million.

  11. for everyone who complains that this is not a hack, and they are sick of all the nonhacks…
    please note that, in fact, there was *a hack* posted today, as there is everyday.
    It is hack-a-day… as it to imply that there will be at least one hack posted, and there was. everything else is *bonus material* for hacker minds. If hackaday was ONLY hacks.. it would be booring.. with exactly one post per day, no more, no less. I personally like the bonus posts myself, as do a lot of people. get over it.

    as for the topic, I too wonder how much of this was simply pre-emptive dumpster diving. the idea that many businesses have that you are stealing if you take from the trash is totally rediculous. If you want something permanantly destroyed (ie sensative data) then dispose of it properly. put it in the circular bin however, and its fair game for anyone. some of us have bigger pickup trucks than others ;)

    My brother has an entire cubical wall set (actually, 3 sets), PCs, UPSs, PLCs, etc etc.. all pre-emptive dumpster dives..

  12. This isn’t going to work everywhere, but the last manufacturing place I worked at I was able to get a ton of gear simply by asking the CEO for it.
    He’d look the stuff over and say yay or nay.
    it was always trash so it was always yay.

    Play it straight with folks and you may be surprised what happens.

    I was able to get enough parts and access to a machine shop to build a pretty cool wheeled rov.

    I also worked there for a few months short of ten years.

  13. I can see how this could be an issue since the military is required (legally I believe) to use the DMRO system to dispose of excess goods. But as a civilian, several companies I’ve worked for give the excess away to the IT staff because the cost of disposing of it properly (recycler) is MORE than it costs to just write it off the books and give it away. I can’t say that I’ve gotten quite this much stuff, but I have gotten a pickup truck at a time when we clean out our storage lockers. I’ve used the better parts and sold/given away what I could not use myself. I don’t see this as any terrible crime, I’m helping people who couldn’t afford the equipment outright and saving it from filling a landfill.

  14. The Navy is not as wasteful as some would believe. They still use very old ships and equipment. Stuff that’s outdated and faulty. Some gets ‘donated’ to the coast guard.

  15. It’s a stretch to call a floppy or CD ‘equipment’, but still…

    I got 2 30GB notebook HDDs off ebay a couple of years ago – supposedly refurbs. Imagine my surprise when they booted up into a fresh OEM image of W2K custom built for the Navy, complete with MS Office, DiskKeeper, EDS-built DOD policy management and cusomtized IE branding for the Navy/Marine Corps Intranet!

    I found the security contact at NMCI and reported it. After the initial ‘we’re very interested’ response, nothing more.

    This guy had been selling on ebay for a couple of years with 100% feedback. wonder where all those goods came from?

  16. I wonder how much of that stuff was outdated juink they were pitching.
    As for finding sensitive info on drives and media I had that happen before in stuff I got in auctions even medical data though I choose to simply erase it.

  17. Perhaps the volume of items, and value where inflate, to get the guy to plead to lesser charges? In the event the dude was give his old lady a hard time, he lead to his own downfall. Reminds me of the JC song one piece at a time. The USN wouldn’t miss one little piece.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s