At 5 p.m., we exited the building with the rest of the employees, and the manager locked the door. This was when the phones were set to switch to night ring, so we stood outside and called the office to test it. All worked perfectly -- after a quick high-five, we were off to a good meal and a solid night's rest at the hotel.
The next day at 8 a.m., we were back at the offsite location, ready to test everything once more before returning to the home office. At 8:15 a.m., we got a call from the vendor inquiring if we'd had a break-in the previous evening, occurring just after 5 p.m. We were quite sure we hadn't since we'd been standing outside the door talking until 5:15.
He explained that shortly after the system went to night ring, there were 19 calls of 10 seconds or less placed to a number in Africa. Each call was charged at several hundred dollars. Fortunately, the vendor's tech staff were online, noticed the call log, and immediately disabled international calling from that location.
We quickly verified that those calls had not originated from our site, and a couple of hours later, the vendor reported back with the results of the inquiry.
It turned out one of the vendor's former employees had stolen and cloned the credentials for one of the phones given to us. Though he was no longer employed by the company, he apparently still had access to monitor the phones, which he used to watch for the same media access control ID to be deployed.
At the same time, the ex-employee registered a phone number with an African phone service, similar to the way a 900 number works in the United States. Just by dialing such a number, the caller consents to the charges, which can run into several hundred dollars, depending on how the person sets it up. It soon became a waiting game for him.
When the opportunity arose, he acted quickly. He could tell we were on the East Coast and simply waited for 5 p.m., figuring it was the common quitting time. He called the office to test for a night ring, got it, and began to dial the number in Africa over and over again before the vendor saw and cut him off. The vendor understandably didn't disclose any more details about the depth of the ex-employee's shenanigans.
Thankfully, we didn't have to pay that bill, but I now have an extensive pre- and post-rollover questionnaire that I cover with vendors before and after jobs, with frequent updates and additions to the list. If anything, this incident reminded me the bad guys never quit, and neither can we.
This story, "After-hours IT: A phone hack exposed," was originally published at InfoWorld.com.