Ezekiel Dean Potter, a 34-year-old former senior IT support specialist at the Saydel Community School District in Des Moines, Iowa, has been sentenced to 21 months in prison for conducting a prolonged cyberattack against his former employer. The attacks, which began shortly after Potter left the district in April 2023, disrupted classroom operations, deleted accounts, and caused tens of thousands of dollars in damages.
According to court documents, Potter retained access credentials after leaving the district and repeatedly targeted the district’s systems over the next 21 months. He deleted the district’s Facebook page, stripped employees of access to educational platforms and accounts, and attempted to reset usernames and passwords for various other platforms and accounts. The attacks caused widespread disruption to the school district, impaired its ability to teach students, and resulted in tens of thousands of dollars in remediation costs.
The cyberattacks began shortly after Potter left the district, when Saydel’s Facebook account was deleted. Prosecutors say Potter later targeted the district’s Apple School Manager account, deleting user accounts, passwords, phone numbers, billing information, and device management server data. This effectively prevented school employees from accessing the Apple School Manager platform and disabled management of district MacBooks and iPads for roughly a week while staff worked with Apple to recover access.
The district also experienced unauthorized access attempts against its GoDaddy account and other online services. In January 2025, Potter accessed the district’s Schoology learning management system through a Google administrator account and deleted an IT employee’s account, disrupting teacher access to the platform and impacting classes for approximately two hours. A week later, prosecutors say Potter accessed another administrator account and deleted nine Gmail accounts belonging to current and former district employees, including the district’s IT director and superintendent.
Federal investigators eventually traced some of the activity to IP addresses associated with Potter’s other employers, including Casey’s Store Support Center and The Printer Inc. (TPI). After Potter left TPI in January 2025, prosecutors say he asked a former coworker to retrieve and wipe a USB drive from his desk. Instead, the coworker turned it over to investigators, who allegedly found spreadsheets containing usernames and passwords for Saydel School District accounts and services.
Potter pleaded guilty in January 2026 to computer fraud charges under the Computer Fraud and Abuse Act without entering into a plea agreement. On June 11, Potter was sentenced to 21 months in prison followed by three years of supervised release. As part of his supervised release conditions, Potter will be subject to restrictions and monitoring related to employment, finances, and computer systems, including searches of electronic devices upon reasonable suspicion.
Potter is also required to pay $59,668.81 in restitution to the Saydel Community School District and its insurer, Travelers Casualty and Surety Company, for remediation costs related to the attacks.
Source: Original article