Adam Georgeson: IT technician jailed for revenge cyber-attacks

An IT technician has been jailed for revenge cyber-attacks on a school and IT firm after both of the employers sacked him.

Adam Georgeson's attack on Welland Park Academy in Leicestershire caused some pupils to lose coursework and parents to lose irreplaceable family photos.

It also stopped remote learning for four days, when pupils were reliant on this due to the coronavirus lockdown.

Judge Mark Watson gave Georgeson, who is 29, a 21-month sentence.

He told him he will serve half of this in prison before being released on licence.

Julie McBrearty, principal of Welland Park Academy, said she believed the sentence was "appropriate".

"It cost the school £15,000 to repair the damage caused by the cyber-attack, although you cannot put a cost on lost learning," she said.

"This sentence will make it clear that this criminal activity has significant consequences for both victims and perpetrator."

She added police had been "brilliant" and helped recover data and limit damage.

Leicester Crown Court heard Georgeson, from Robin Lane in Wellingborough, started working at the school in Market Harborough as an apprentice in December 2016.

However, he did not tell the school he had two convictions for fraud, and was dismissed in February 2017 after they found out.

He later got a job with an IT and telecoms firm in Rutland called Millennium Computer Services.

He was working for the firm when he launched the cyber-attack on the school on 16 January 2021, but did so using his home computer, the court was told.

Georgeson was able to remotely access the school's servers and wipe data from them, as well as wiping data from the computers of parents and pupils who were accessing the school's system remotely.

The court heard there were 29 victims of this, including a mother who lost 18 months' worth of university work, and a father who lost about 1,000 personal photographs.

Det Con Anthony Jones, from Leicestershire Police's cyber-crime team, was able to link the attack to Georgeson by his Internet Protocol (IP) address.

Daniel Bishop, who prosecuted the case, said Georgeson was arrested and told police he started the attack because he was "bored" and "curious".

"He said things escalated quickly and he lost control of what he was doing," Mr Bishop said.

Georgeson was released on bail and used the Millennium Computer Services credit card to buy some computer equipment, as his had been taken by police.

Mr Bishop said Georgeson then carried out a series of cyber-attacks on the IT firm after they terminated his employment too.

These attacks caused staff to be unable to access their email and computer systems, he said.

Georgeson initially answered no comment when arrested on 9 March, but later admitted responsibility in an interview on 30 March.

"He said anger had built up inside him and he wanted to make a point," Mr Bishop said.

"He said he didn't want to destroy things but he wanted to do something to cause disruption to the company."

Georgeson admitted two counts of unauthorised acts with intent to impair operation of or prevent/hinder access to a computer.

He pleaded guilty to the offences on the basis he did not know the computers of parents and pupils attached remotely to the school network would also be wiped.

Follow BBC East Midlands on Facebook, external, on Twitter, external, or on Instagram, external. Send your story ideas to eastmidsnews@bbc.co.uk, external.