Edward Soybel, a former contractor for W.W. Grainger, Inc. maintained the computer servers for Grainger\u2019s network of industrial vending machines from November 2014 through February 2016, when his services were terminated. Upon termination, Soybel, lost his trusted insider status \u2014\u00a0and his access to those Grainger servers.That didn't stop him from getting back in, though.Soybel successfully hacked into the Grainger servers in July 2016 and gained unfettered access to the Grainger inventory management program that supports some 18,000 customers throughout the U.S. and intentionally damaged the data within, according to the\u00a0Department of Justice indictment of Soybel.Soybel\u2019s LinkedIn profile describes his position at Grianger as a Systems Analyst Level 2. His job description shows he was deeply involved with troubleshooting the various connectivity methodologies, as well as a plethora of databases and computer technologies.On the surface, the case looks rather simple. Soybel departed, and for whatever reason, he opted to extract a bit of revenge. Using his trusted insider knowledge, he successfully hacked back into his former employer\u2019s infrastructure for the purpose of destroying and manipulating sensitive data.Interestingly, and perhaps coincidentally, Grainger announced Mark Lohman as the new CISO two days following the arraignment of Soybel. According to the Grainger press release announcing Lohman\u2019s appointment, Lohman joined Grainger in 2014 as senior director of information security and business continuity.\u00a0No doubt Lohman was intimately involved with pulling together the Grainger data provided to law enforcement in support of the Soybel indictment.The Grainger announcement highlights the need for companies to \u201cprioritize vigilance and awareness to realize information security.\u201d The press release further discusses how \u201cGrainger plays an active role in securing sensitive data and our systems and enables Grainger to be a reliable and trusted partner.\u201dWhat companies can learn from the Grainger hackAs with any instance when data flow is disrupted, a company is put at risk of not being able to provide goods and services as expected. When data is neither blocked nor stolen but corrupted, it creates a far different dynamic because corrupted data may have already been replicated across the backup servers, and only the \u201ccold start\u201d backups would not be corrupted, depending upon when the data was originally corrupted.In September 2015, then director of national intelligence, James Clapper, told Congress, "In the future, however, we might also see more cyber operations that will change or manipulate electronic information in order to compromise its integrity. ... Decision making by senior government officials, corporate executives, investors or others will be impaired if they cannot trust the information they are receiving."While Clapper was speaking of the activities of nation states, the actions of Soybel show that a current or former trusted insider may be well placed to affect such a disruption. Thus it begs the question all IT employees should be asking themselves while reading of Soybel: Would the corruption of their or their customer\u2019s data be detectible? And if not, what adjustments need to be made to detect the corruption of data?