Ex-employee jailed for embezzling 3.5m Etisalat reward points

Dubai: An Etisalat ex-employee has been jailed for six months for stealing clients’ 3.5 million reward points that he used for himself to eat pizza, fried chicken and watch cinema.

The 25-year-old Egyptian employee, who formerly worked for Etisalat’s client services section, used his username and password to hack into the accounts of 19 clients and steal their personal details between July 2015 and October 2016.

He then abused his authority to access client’s details and steal their reward points that he transferred to himself in the form of coupons. Then he used those coupons at Pizza Hut, KFC, souq.com and Reel cinemas.

An Emirati employee discovered later that someone had transferred his reward points to free coupons and used them at souq.com.

The Emirati contacted Etisalat and notified them about what had happened before an enquiry exposed that the Egyptian had hacked into the Emirati’s account and stolen the reward points.

The Dubai Court of First Instance convicted the 25-year-old of misusing his login credentials to access clients’ details and steal the 3.5 million reward points worth Dh29,000 in free coupons.

Despite having pleaded not guilty, the defendant was also fined Dh150,000 and ordered to repay Dh29,000 to Etisalat.

Presiding judge Fahd Al Shamsi also referred the civil lawsuit lodged against the defendant to the Dubai Civil Court.

The accused will be deported after serving his punishment.

When he defended himself in court, the defendant contended that he did not commit any crime. “Someone else used my login credentials. We often exchanged our login credentials and used each others’ devices. I did not hack into any client’s account to steal the details and take the reward points,” he argued.

The defendant was stationed at an outsourced branch and used to hack into clients’ details using his login credentials to get their private details, which he used to steal the reward points. Then he transferred the reward points to coupons that were sent to his email so he could use them for himself.

The Emirati employee said he was notified by his bank that his reward points had been emailed to him in the form of coupons and plane tickets.

The defendant was quoted admitting to prosecutors that he abused his authority [as an outsourced employee] to access clients’ details to steal their reward points for his personal benefit.

The primary ruling remains subject to appeal.