A pause. “T. Ashworth? That’s Tom. He retired last April. Why?”
Someone—she’d call them the "Phantom" for now—hadn't hacked the system. They had inherited it. When Tom Ashworth retired, his ePay credentials were never revoked. Instead, they lay dormant for six months. Then, last November, a single login from an IP address traced to a public library in nearby Chester. The Phantom had simply typed Tom’s old password— Summer2019 —and walked in.
And then came the art of the small steal. Not millions—that triggers alarms. But £14.87 here, £32.10 there. A box of wipes. A torque wrench. A roll of Kapton tape. Each under the €50 automatic approval threshold for ePay. Over fourteen months, the Phantom had siphoned £23,847.82 from Airbus UK. epay airbus uk
Leo’s face crumpled. “He left it on a sticky note under his keyboard. I found it when I was covering his desk during my second week. I didn’t even mean to—I just… I wanted to see if it still worked.”
But Code #UK-7729 was an anomaly. The system had flagged a single invoice: £14.87 for a box of anti-static wipes, paid via ePay, authorized by a manager named "T. Ashworth," and delivered to "Bay 12, A-wing." A pause
“You reused Tom Ashworth’s password,” Clara said softly.
She nodded. The problem wasn't the wipes. It was the vulnerability. A retired password, an orphaned digital identity, a procurement system built on trust rather than verification. The Phantom had been a desperate young man, but the next one might be a state actor wanting to map Airbus’s supply chain for sabotage. That’s Tom
She clicked deeper.