I was reading this story about a TJX employee being fired “after he left posts in an online forum that made disturbing claims about security practices at the store where he worked.”
Current and former employees with an axe to grind pose a much greater threat than many of the other issues we often spend our time chasing after. In this instance, an employee has taken it upon himself to sully his employers name in a public forum. Regardless of whether the information he posted is correct or not he deserves to be fired.
As to the information itself, I’m not sure it’s important. I wouldn’t be surprised if individuals within most large organisations couldn’t probably dig up a few things they’d consider to be evidence of poor security. WIthout the full picture of other controls it’s not possible to make a judgement on risk.
Given that on the forum itself the employee in question states that “I am at the same hierarchical level as a cashier” it’s highly unlikely that he knows much about the security processes in place. Did he deserve to be fired? Absolutely yes!