The companies at fault as well.
They didnt disable access?
I work as a remote technician for a website hosting company, that has a lot of remote employees/contractors.
Currently REALLY critical systems dont allow access unless your IP address is listed with our admin team.
In the event of a technicians IP address changing (dang ISPs), their old one is removed and the new one put in.
In the event of someone leaving/getting fired, their IP address is removed from the system, and all backend systems passwords are changed.
Usually within minutes.
Also the person who did this was an idiot, logging into their own old account to do it? Everyone knows you use another employees access and then do it from a public terminal.
Alternatively, if you work for a large company, just keep a list of all the different ways they try to screw customers and if your fired, make the list public.
Posted AC as bosses may be lurking.