Employee hacking presents significant liability risks for Texas employers

Employee misuse of technology—particularly hacking or unauthorized access to employer systems—presents an increasingly serious threat to Texas employers. While organizations tend to invest heavily in protection against external cyberattacks, insider threats can cause some of the most severe operational and financial harm. A recent Texas case underscores how quickly an insider can inflict serious damage on an employer.

Threat from the inside

A former contractor admitted that after termination, he used improperly obtained credentials to access his former employer’s network and ran a script that reset approximately 2,500 user passwords across the company’s national system, locking employees out of critical systems and disrupting operations. The incident caused over $862,000 in losses related to downtime, remediation, and service interruption.

The case is not an outlier. A substantial number of data breaches come from insider threats. Insider events increasingly stem from credential misuse, negligent employee behavior, or malicious insiders acting with or without motive.

The threats don’t just come from employees—contractors or consultants often pose the same risk as regular employees because they may have equivalent access to company systems and sensitive data. Insider risk spans the entire employment or contractor lifecycle and demands robust, proactive controls from employers.

No limit on the damage an insider can cause