Don’t be a dick to your Webmaster, because he/she might be someone like Tavis Tso — an Arizona IT guy who was sentenced Monday to four years of federal probation after pleading guilty to holding a corporate website hostage and redirecting it to a gay porn site.
According to Tso’s plea deal, he set up the company’s account with GoDaddy back in 2011. Nearly four years later, after Tso had left, the company decided to update its contact information — but Tso was still the only one with the login.
Tso denied he had the info, and instead told the company that he could help fix the issue for $10k. When they declined, he unleashed the porn — and was eventually hit with a federal charge under the Computer Fraud Abuse Act.
This isn’t the first time something like this has happened
Apparently, webmasters are quite aware of their power — and they’ve been staging hostage crises for years. (Google “webmasters holding websites hostage,” and you’ll find a potpourri of horror stories.)
Take, for instance, Gregory Alexander, a “web dude” of a widely known chess discussion forum who was indicted by a federal grand jury back in ‘09 for accessing a board member’s email account on 34 different occasions.
In another case, the small town of Easton, CT had their website held hostage after the webmaster they hired claimed to own the site.
Boy, we really trust these guys
Trusting one person with the entire online infrastructure of a company is a huge risk, but also a necessary evil: these guys are knowledge pillars of HTML, and can easily bury nuggets of code in their work. To avoid a nightmare situation, you should always maintain master access to your usernames and passwords.
Generally, though, there’s no need to be afraid of Webmasters — unless you insult Battlestar Galactica.