For most IT professionals, the worst-case scenario during a compliance audit is a heated email exchange or a bureaucratic headache. But for a systems administrator known as ‘Henry,’ a routine check for pirated software at a major Internet Service Provider (ISP) spiraled into a terrifying ordeal involving death threats and a brush with a future murderer. The incident, recently brought to light by The Register, serves as a chilling reminder that the digital enforcement of corporate policy can have visceral, physical consequences.
Henry’s role was explicit: enforce the ISP’s acceptable use policy to prevent lawsuits. In an era where intellectual property litigation was a constant corporate anxiety, his job was to ensure staff weren’t using company bandwidth to download illegal content. It was a standard function of the IT department—until the day daily software inventory scans detected unauthorized software.
How did a routine compliance check turn deadly?
According to the account shared in the ‘On Call’ column, Henry identified a colleague who was downloading "extreme amounts" of pirated software. This wasn’t a minor infraction; the volume was significant enough to flag immediate concern regarding the ISP’s legal liability. Henry followed protocol, reporting the violation to management. The evidence was irrefutable, leading to the colleague’s immediate suspension, a disciplinary measure decided after the investigation was concluded.
However, the true danger emerged not during the suspension, but upon the employee’s return. Rather than showing remorse or keeping a low profile, the colleague targeted Henry with a specific and violent threat. As Henry recounted, the reinstated employee "would tell anyone who listened that the next time he saw me, he would put a bullet in my face."
The specificity of the threat—to "put a bullet in [his] face"—transformed a professional conflict into a scenario of imminent physical danger. While the antagonist eventually left the company, the psychological toll of working alongside someone who had vocalized a desire to execute you cannot be overstated. Henry was left to wonder if the threat was hyperbole born of frustration or a genuine promise of violence.
What are the hidden risks of internal IT enforcement?
Years later, Henry received a grim validation of his fears. Through news reports, he discovered that his former colleague—the man who had threatened to shoot him over a software dispute—had been convicted of murdering a business partner. The former coworker is currently serving a prison sentence of at least 15 years.
This revelation reframes the original incident from a workplace dispute to a near-miss with a violent criminal. It highlights a critical blind spot in corporate security: the assumption that internal threats are merely digital or financial. When IT staff are tasked with policing the behavior of their coworkers, they are often placed in the line of fire without the physical security protocols afforded to law enforcement or security guards.
The intersection of ‘bossware’ monitoring and employee privacy has created a tinderbox in modern offices. As IT departments are increasingly asked to deploy surveillance tools to monitor productivity and compliance, they become the visible face of unpopular management policies. Henry’s story is an extreme example, but it sits on a spectrum of friction that is becoming increasingly common.
How common is workplace violence in the tech sector?
While Henry’s story is anecdotal, it aligns with disturbing trends recorded throughout 2025. Data suggests that the friction between employees and the systems meant to monitor them is reaching a breaking point. According to a 2025 report by Traliant, workplace violence is on the rise, with 30% of full-time employees reporting that they have witnessed violence against coworkers within the past five years—a significant jump from 25% in 2024.
Furthermore, the cost of the "insider threat"—a term usually reserved for data theft or sabotage—must now account for physical safety. According to the 2025 Ponemon Cost of Insider Risks Global Report, organizations lost an average of $17.4 million to insider threats in 2025. While much of this figure represents data remediation and legal fees, the human cost of protecting staff from violent colleagues is becoming a necessary calculation. In Henry’s case, the threat came from a peer, but the catalyst was the enforcement of a top-down policy.
Looking Ahead
Henry’s experience serves as a grim wake-up call for CTOs and HR directors: IT compliance is not a victimless vacuum. When technical staff are required to act as the ‘police’ of the organization, they assume the risks associated with law enforcement, often without the necessary training or protection. The fact that a man capable of murder was able to threaten a whistleblower and remain in the building—even temporarily—exposes a severe lapse in how corporations assess behavioral risk.
As we move deeper into 2026, the industry must rethink the ‘insider threat’ paradigm. It is no longer just about preventing a disgruntled engineer from stealing code; it is about ensuring the physical survival of the staff tasked with stopping them. If companies continue to push aggressive monitoring and compliance policies without bolstering physical security for their IT enforcers, we are likely to see more ‘Henrys’—and next time, the threat might not remain verbal.
