Overview

• Davis Lu was sentenced on Aug. 21, 2025, to four years in prison followed by three years of supervised release.
• A jury in March 2025 convicted Lu of causing intentional damage to protected computers.
• Prosecutors said Lu embedded a kill switch named “IsDLEnabledinAD” that triggered when his Active Directory account was disabled on Sept. 9, 2019, locking out thousands of users globally.
• Court documents detail additional sabotage including infinite Java thread loops to crash servers, deletion of coworker profile files, and the removal of encrypted data from his laptop alongside searches on privilege escalation and process hiding.
• The employer incurred hundreds of thousands of dollars in losses; the ClevCleveland Field Office investigated, and DOJ’s CCIPS with the Northern District of Ohio prosecuted the case.