The former network administrator was convicted of “hacking” the network because he would not turn over the administrative passwords when he left an employer. He’s being made a scapegoat IMHO. What of the incompetent supervisors who did not require him to document his work and why was one guy in charge of all that with no backup? What if he had been run over by a bus? Would the city have sued his estate? Nope. What’s the difference? He did turn over the passwords eventually and no harm was done except panic caused the city to spend $900 K in 12 days to recover control of the system. How did they manage to spend that much money if all that was required was a password? Now they want to send him the bill.
The moral of the story? Don’t ever work for San Francisco as a system administrator. I have managed a lot of networks and I have always left the passwords with my boss on the way out. What they do with them is their problem. So he was a twit. Is that worth four years in jail? Why did they have to keep him in jail for a couple of years during the trial? It seems to me the punishment does not fit the crime. Otherwise half the population would be behind bars.