Re: What IS surprising ...
Where's the wholesale reading of the CEO's email to warn of future restructuring
Seen that one, only it was done by a low level employee, not the sysadmin. Technically still the sysadmin's fault because of the configuration, but in his defense, this was at least 5 years before security even became an inkling of an image on the early warning radar. And after it was discovered, it was fixed post haste. Including the employee who engaged in the spying being canned even faster.
How come so few disaffected fire-ees don't "take out" that one single, critical machine when they are let go?
Sort of seen this one too, although again it was at the employee level. All critical files on their network and local drives were wiped. Yeah, they were keeping the bulk of their data on the local against company policy. But then again there was no enforcement mechanism.
And the biggie: stealing customer files before walking. Seen that one twice. First time it was a sales guy who copied the list the second month he was with the business. Next time it was more heard of rather than saw. Agreement in place when I was hired as a field tech. Previous lead tech walked off with the company customer list. But in that case I'll still call him employee as opposed to sysadmin because we were all field techs.