An outrageous bug let him make 1,358 withdrawals.
A programmer at a Chinese bank discovered a flaw in the institution’s software that let him drain the equivalent of $1 million from its ATMs over the course of about a year.
That’s according to Hong Kong newspaper the South China Morning Post, which reports that coder Qin Qisheng’s employers at Huaxia Bank believed his explanation that he was just investigating its security system — but authorities didn’t and now he’s headed to prison.
Qin reportedly discovered a flaw in the bank’s ATM code that kept it from recording withdrawals made around midnight. He then added scripts to the system that prevented it from triggering an alert when he withdrew money. In total, according to the Daily Economic News, he made 1,358 late-night withdrawals.
When Qin got busted, his excuse was that he had been investigating security flaws in the bank’s system. His bank bought the explanation, but police didn’t.
“Qin Qisheng said that the matter was complicated and involved lots of work,” a Huaxia representative said during the trial, according to the SCMP. “He believed the bank would not pay attention even if he reported it.”
The bank might have believed Qin’s explanation that he was trying to buff up its security, but a court sentenced him to 10 and a half years in prison in December, according to the SCMP — a ruling upheld by an appeal court.
“After reviewing the papers, speaking to the appellant and listening to the opinions of the defenders, we believed that the facts of the case were clear and decided not to have another trial,” the court said, according to the SCMP.
READ MORE: Chinese Bank’s Software Chief Jailed After Finding Way to Withdraw US$1m in ‘Free’ Cash From ATMs [South China Morning Post]
More on banking: Facebook Is Asking Banks to Share Data on Customers’ Spending Habits