Indictment of two System Administrators

I found this via the Plausible Deniability Toolkit – A 2006 US District Court indictment of two system administrators for what the prosecutors labeled obstruction of justice for destroying electronic evidence. Starting on page 4, labeled “The Conspiracy”, is summarized as:


From in or about November 2003 through in or about October 2005, in the Eastern District of Pennsylvania, and elsewhere, defendants LEONARD P. LUCHKO and MARK C. EISTER conspired and agreed, together and with others, both known and unknown, to commit an offense against the United States, that is, to obstruct justice by

(1) corruptly persuading another person, and attempting to do so, and engaging in misleading conduct toward another person, with the intent to cause and induce a person to alter, destroy, mutilate and conceal electronic evidence,
including e-mail communications pertaining to matters within the scope of a federal criminal
investigation, with the intent to impair the electronic evidence’s integrity and availability for use
in an official proceeding;

(2) corruptly altering, mutilating, and concealing electronic evidence
and attempting to do so, with the intent to impair the electronic evidence’s integrity and
availability for use in an official proceeding; and

(3) knowingly altering, destroying, mutilating and concealing electronic evidence with the intent to impede, obstruct and influence the investigation and proper administration of a matter within the jurisdiction of any department or agency of the United States, and in relation to and contemplation of any such matter, all in violation of Title 18, United States Code, Sections 1512(b)(2)(B), 1512(c)(1) and 1519.

How did these two admins alledgedly contribute to this conspiracy?

It was a part of the conspiracy that, in both contemplation of and with
actual knowledge of the investigation described above, and for the purpose of destroying e-mail
and other electronic evidence in order to prevent the FBI, the IRS, and this federal grand jury
from receiving or reviewing such evidence in the course of the investigation, defendants
LEONARD P. LUCHKO, MARK C. EISTER, Person No. 1, and other persons, both known and
unknown to the grand jury (collectively, “the conspirators”),

(a) systematically destroyed e-mail communications sent to or received from the Senator and the Executive Director of the

(b) created and implemented a formal schedule to run specialized computer programs known as Secure Clean Deep Clean and PGP Free Space Wipe that erased any trace of deleted electronic files on computer hard drives, servers, PC cards, and other electronic storage devices;

(c) instructed the Senator’s employees that under no circumstances were they permitted to save any e-mail sent to or received from the Senator;

(d) logged into the e-mail accounts of the senator’s employees to scan their e-mail to determine if they were, in fact, saving any e-mail relating to the Senator; and

(e) deleted and wiped other electronic equipment, such as the Blackberry communication devices used by the Senator and the Executive Director, among other persons.

These two techs have even been denied separate trials from the senator mentioned in the indictment. They are contending that they face less extensive charges than the senator, who is accused of using his office and a charity for personal and political benefit.

The document goes on to great detail full of legal speak, but I think you get the gist of the indictment. From what I’ve read, it does seem that the two admins may have performed some unethical, if not illegal, computer related tasks while on the job in their particular situation.

I’d like this posting to be a gentle reminder to all admins, especially those working in public education, and government, that your on the job actions could get you in a whole bunch of trouble.

One Response to “Indictment of two System Administrators”

  1. Colleague of the Administrators Says:

    I am familiar with this investigation and in the System Administrators defense these security policies had been in place since 1999. This investigation started in 2003 and lasted 4 years! What were they supposed to do not protect their network for four years. The Administrators are scapegoats!

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: