A contract programmer faces 10 years in jail for inserting a ‘logic bomb’ into a spreadsheet that caused the company to keep rehiring him

• A contract programmer has pleaded guilty to a federal crime, and he faces up to 10 years in jail and up to a $250,000 fine.
• He had planted a “logic bomb” in a system that caused glitches in the system he built for his client every few years – forcing his employer to be dependent on him to fix each new problem.
• His logic bomb was apparently discovered when the program glitched while he was on vacation, and he had to give employees the password so they could fix it.
• Visit Business Insider’s homepage for more stories.

We’ve heard of programmers who secretly automated their jobs, but here’s a darker tale of a contract programmer who tried to force his employer to be dependent on him. Now, he’s facing up to 10 years in prison, as well as a fine of up to $250,000.

David Tinley, 62, pleaded guilty in federal court to a charge of intentional damage to a protected computer, the US Attorney’s Office of the Western District of Pennsylvania said in a press release.

Tinley had been hired by a US unit of Siemens, the German-based tech conglomerate, to create custom automated spreadsheets. The company used these spreadsheets to manage orders for electrical equipment.

Tinley planted “logic bombs” in the spreadsheets, the government alleged. Logic bombs are bits of malicious code that disrupt the program when specific conditions are met, like a specific time on a specific date.

Read more: Microsoft CEO Satya Nadella told a cute joke about what it's really like to work with Bill Gates

In this case, the logic bombs were timed to go off every few years, the government alleged, causing the spreadsheet to experience glitches like error messages and size changes to on-screen buttons, according to a report from Law360.

When the program glitched, the company would bring Tinley back in to fix it. He fixed the system by pushing back the date the spreadsheets would stop working again, the government said.

He was busted in 2016 when he was away on vacation and Siemens had to put an urgent order through the system, which had begun glitching, according to the Law360 report. The circumstance reportedly forced Tinley to share with employees his passwords that protected the system's code - revealing the logic bomb.

Tinley's lawyers said he never made any money by being hired to go in and fix the spreadsheets, arguing that his motivation was to protect his proprietary work, according to Law360. Even so, prosecutors argued that the situation met the $5,000 in damages needed to label it a felony because Siemens spent about $42,000 on an investigation into the damages he may have caused, Law360 reported.

Tinley's plea included an agreement to pay restitution for those costs and forfeit two laptops, according to Law360. That's in addition to his sentencing, where he'll face the prospect of jail time and a fine.

It's not unusual for programmers found guilty of planting logic bombs to go to jail.

In 2008, a system administrator was sentenced to 30 months over his failed logic bomb at his employer Medco after it was spun off of Merck and he feared being laid off, The Register reported at the time. The system administrator pleaded guilty to planting the bomb, which was designed to delete a bunch of data after he left the company. Flaws in the way it was coded kept it from going off on time, and he was caught after he tried to fix it, prosecutors alleged.

In 2018, an Atlanta judge sentenced a database programmer to two years in prison after he pleaded guilty to planting a logic bomb in the US Army's payroll databases, ZDNet reported. He planted the bomb after his employer lost the contract to continue managing those databases. This bomb did go off, deleting data that prevented US Army reservists from being paid and deployed on time. The army spent $2.6 million to investigate and repair their systems. They did restore all the data, and the man was ordered to pay $1.5 million in restitution and received jail time.