Mahalo Mess-up: We Hired A Cyber Criminal
John Schiefer had already convicted to four years in prison for cyber crimes when search firm Mahalo decided to hire him as a security consultant.
March 6, 2009
The case might've remained unknown hadn't it been for the recent (and very emotional) blog post penned by Schiefer's top boss, Jason Calacanis.
The Mahalo CEO writes in defense of his decision:
“We didn’t know John was convicted of infecting 250,000 computers with bots when we hired him. We have a rigorous hiring process at Mahalo, in which each candidate must go through an average of five to eight interviews, and in which at least three, but more typically five, references are checked. Our CTO, and one of my oldest friends, Mark Jeffrey, did all of this with John, and he passed with flying colors.
However, Mark screwed up by not doing a simple Google search on John’s name. [...] Months after John’s hiring, our VP of Operations found out about the crimes John had committed. We sat down with John and learned about what he did when he was younger, how he was abused as a child, his anger issues, and how he found some level of peace in being part of the team at Mahalo.”
It may sound good for a group of boy scouts, but the truth is Mahalo messe up real bad. First of all, their “rigorous hiring process” was proved to be full of holes. Second, it's quite embarassing for a search firm to be unable to actually search for data on a specific individual.
Last but not least, Calacanis would better wonder: do my customers feel right for having their data at the finger tips of a convicted cyber criminal?